| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.08.2015, 17:02
| #1 |
| |  Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Hallo, ich bin sehr neu hier, deswegen entschuldigt bitte meine Fehler. Ich habe von 1und1 eine Benachrichtigung bekommen, dass mein Postfach zum Spamversand missbraucht wurde. Außerdem erscheint mir die Internetauslastung während ich meinen Browser (Firefox) geöffnet habe oft sehr hoch. Der Avira EU-Cleaner meldet mir einen Fund von Schafsoftware mit dem Namen "TR/Trustezeb.86528", erkann ihn jedoch nicht entfernen. (Finde leider kein Logfile dazu) Nachdem ich daraufhin ein erstes mal mit Malwarebytes Anti-Malware gescannt habe, meldete es auch einen Fund und konnte ihn entfernen (habe leider kein Logfile dazu gespeichert). Bei einem weiteren Scan von Anti-Malware gab es keinen Fund. Avira EU-Cleaner meldet jedoch immer wieder den Fund von der Schadsoftware "TR/Trustezeb.86528". Während dem Scan mit GMER kam es jedoch zwei mal zu einer Fehermeldung "C:\WINDOWS\system32\config\system: der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." und daraufhin "C:\User\Marius\ntuser.dat: der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird." (Diese Meldung erscheint auch im abgesicherten Modus) Vielen Dank für eure Hilfe |
|
01.08.2015, 17:34
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.08.2015, 17:15
| #3 |
| | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 okay, danke für den Hinweis.
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015 durchgeführt von Marius (Administrator) auf LENOVO-PC (01-08-2015 16:45:52) Gestartet von C:\Users\Marius\Desktop Geladene Profile: Marius (Verfügbare Profile: Marius) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe (LG Electronics) C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe (Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\TestDDCCI.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\TestDDCCI.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (TODO: <Company name>) C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\SmartHookTestApp.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\wimserv.exe () C:\Users\Marius\Desktop\Defogger.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-29] (Synaptics Incorporated) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-03-29] (Lenovo) HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-03-29] () HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-03-29] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-29] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-20] (AVAST Software) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3382090012-743032079-2677054036-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation) HKU\S-1-5-21-3382090012-743032079-2677054036-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-3382090012-743032079-2677054036-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk [2015-07-31] ShortcutTarget: Dual Smart Solution.lnk -> C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe (LG Electronics) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-03-29] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-20] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3382090012-743032079-2677054036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3382090012-743032079-2677054036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB HKU\S-1-5-21-3382090012-743032079-2677054036-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-3382090012-743032079-2677054036-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3382090012-743032079-2677054036-1001 -> {9B171314-387A-494B-A223-2CC24C8E72F3} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20] (AVAST Software) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3B5DE7F4-D070-40EE-914A-4B12ACD1EF82}: [DhcpNameServer] 150.201.1.3 Tcpip\..\Interfaces\{7F8841E8-9AF7-45B5-BD73-5B19B5336F1C}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\ogr9tz5j.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-06-28] (Nitro PDF) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Extension: ProxTube - Unblock YouTube - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\ogr9tz5j.default\Extensions\ich@maltegoetz.de.xpi [2015-02-10] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\ogr9tz5j.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-09] FF Extension: SoundCloud Downloader - Technowise - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\ogr9tz5j.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2015-02-18] FF Extension: Adblock Plus - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\ogr9tz5j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-10] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20] (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-05-02] (Nuance Communications, Inc.) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation) R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation) R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-03-29] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-28] (Nitro PDF Software) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-03-29] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-03-29] (Lenovo) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-03-29] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-03-29] (Lenovo) R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-20] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-20] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-20] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-20] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-20] (AVAST Software) S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation) R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation) R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] () S3 LGDDCDevice; C:\WINDOWS\SysWOW64\LGI2CDriver.sys [16384 2012-10-17] (LG Soft India) [Datei ist nicht signiert] S3 LGII2CDevice; C:\WINDOWS\SysWOW64\LGPII2CDriver.sys [10752 2012-11-23] (LG Soft India) [Datei ist nicht signiert] R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.) R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-29] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-01 16:45 - 2015-08-01 16:46 - 00021092 _____ C:\Users\Marius\Desktop\FRST.txt 2015-08-01 16:45 - 2015-08-01 16:45 - 00000000 ____D C:\FRST 2015-08-01 16:44 - 2015-08-01 16:44 - 00000474 _____ C:\Users\Marius\Desktop\defogger_disable.log 2015-08-01 16:44 - 2015-08-01 16:44 - 00000000 _____ C:\Users\Marius\defogger_reenable 2015-08-01 16:43 - 2015-08-01 16:43 - 00002018 _____ C:\Users\Marius\AppData\Local\recently-used.xbel 2015-08-01 16:39 - 2015-08-01 16:39 - 00380416 _____ C:\Users\Marius\Desktop\Gmer-19357.exe 2015-08-01 16:38 - 2015-08-01 16:38 - 02168832 _____ (Farbar) C:\Users\Marius\Desktop\FRST64.exe 2015-08-01 16:37 - 2015-08-01 16:37 - 00050477 _____ C:\Users\Marius\Desktop\Defogger.exe 2015-08-01 13:11 - 2015-08-01 13:17 - 00019456 ___SH C:\Users\Marius\Thumbs.db 2015-08-01 11:59 - 2015-08-01 12:01 - 00000000 ____D C:\AdwCleaner 2015-08-01 11:59 - 2015-08-01 11:59 - 02248704 _____ C:\Users\Marius\Downloads\adwcleaner_4.208.exe 2015-08-01 11:56 - 2015-08-01 16:43 - 00000146 _____ C:\Users\Marius\Desktop\Virus.txt 2015-08-01 11:23 - 2015-08-01 11:23 - 00002091 _____ C:\Users\Marius\Desktop\Entfernen des Avira EU-Cleaners.lnk 2015-08-01 11:23 - 2015-08-01 11:23 - 00002035 _____ C:\Users\Marius\Desktop\Avira EU-Cleaner.lnk 2015-08-01 11:22 - 2015-08-01 11:22 - 02209056 _____ C:\Users\Marius\Downloads\avira-eu-cleaner_de.exe 2015-08-01 11:22 - 2015-08-01 11:22 - 02209056 _____ C:\Users\Marius\Downloads\avira-eu-cleaner_de (1).exe 2015-08-01 02:39 - 2015-08-01 02:39 - 00003074 _____ C:\WINDOWS\System32\Tasks\{7A3995CA-4960-4BB7-9B55-4E05C078AF75} 2015-08-01 01:10 - 2015-08-01 01:10 - 01198368 _____ C:\Users\Marius\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe 2015-07-31 19:32 - 2015-08-01 01:27 - 00000000 ____D C:\Users\Marius\Desktop\Mastershizzl 2015-07-31 14:23 - 2015-08-01 12:01 - 00002560 _____ C:\WINDOWS\SysWOW64\Xui.trf 2015-07-31 14:21 - 2015-07-31 14:21 - 06160385 _____ (InstallShield Software Corporation) C:\Users\Marius\Downloads\Setup.exe 2015-07-31 14:21 - 2015-07-31 14:21 - 00073728 _____ () C:\Users\Marius\Downloads\Setup(1).exe 2015-07-31 14:21 - 2015-07-31 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Smart Solution 2015-07-31 14:21 - 2015-07-31 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\newfolder2 2015-07-31 14:21 - 2015-07-31 14:21 - 00000000 ____D C:\Program Files (x86)\LG Soft India Pvt Ltd 2015-07-31 14:21 - 2012-11-23 16:11 - 00010752 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGPII2CDriver.sys 2015-07-31 14:21 - 2012-10-17 18:52 - 00192512 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGDeviceManager.dll 2015-07-31 14:21 - 2012-10-17 18:52 - 00114688 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGMonitorDDCCISDK.dll 2015-07-31 14:21 - 2012-10-17 18:52 - 00094208 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGProtocolEngine.dll 2015-07-31 14:21 - 2012-10-17 18:52 - 00049152 _____ () C:\WINDOWS\SysWOW64\LGErrorHandler.dll 2015-07-31 14:21 - 2012-10-17 18:52 - 00016384 _____ (LG Soft India) C:\WINDOWS\SysWOW64\LGI2CDriver.sys 2015-07-31 13:14 - 2015-07-31 13:18 - 00000000 ____D C:\Users\Marius\Desktop\Arbeiten 2015-07-29 20:06 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-07-27 16:09 - 2015-08-01 16:25 - 00005411 _____ C:\WINDOWS\setupact.log 2015-07-27 16:09 - 2015-07-27 16:09 - 00001618 _____ C:\WINDOWS\PFRO.log 2015-07-27 16:09 - 2015-07-27 16:09 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-07-22 13:13 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-07-22 13:13 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-07-22 13:13 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-07-22 13:13 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-07-20 23:32 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-07-20 23:30 - 2015-07-20 23:30 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-07-20 23:29 - 2015-07-20 23:29 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-07-20 14:17 - 2015-07-20 14:17 - 00000000 ____D C:\Users\Marius\AppData\Local\CEF 2015-07-20 10:13 - 2015-07-20 10:13 - 00000424 _____ C:\Users\Marius\Desktop\Arbeitsplatz.lnk 2015-07-19 11:14 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-07-19 11:14 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-07-19 11:14 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-07-19 11:14 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-07-19 11:14 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-07-19 11:14 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-07-19 11:14 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-07-19 11:14 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-07-19 11:14 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-07-19 11:14 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2015-07-19 11:14 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-07-19 11:14 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-07-19 11:14 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-07-19 11:14 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-07-19 11:14 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2015-07-19 11:14 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2015-07-19 11:14 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-19 11:14 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2015-07-19 11:14 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-19 11:14 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2015-07-19 11:14 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-07-19 11:14 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-07-19 11:14 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-07-19 11:14 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-07-19 11:14 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2015-07-19 11:14 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-07-19 11:14 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls 2015-07-19 11:14 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-07-19 11:14 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-07-19 11:14 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-07-19 11:14 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys 2015-07-19 11:14 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys 2015-07-19 11:14 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys 2015-07-19 11:14 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys 2015-07-19 11:14 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2015-07-19 11:14 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys 2015-07-19 01:56 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-07-19 01:56 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2015-07-19 01:56 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-07-19 01:56 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-07-19 01:56 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-07-19 01:56 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-07-19 01:56 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-07-19 01:56 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-07-19 01:56 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-07-19 01:56 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-07-19 01:56 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-07-19 01:56 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-07-19 01:56 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-07-19 01:56 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2015-07-19 01:56 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-07-19 01:56 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-07-19 01:56 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2015-07-19 01:56 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-07-19 01:56 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-07-19 01:56 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-07-19 01:56 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2015-07-19 01:56 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2015-07-19 01:56 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-07-19 01:56 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-07-19 01:56 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2015-07-19 01:56 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-07-19 01:56 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-07-19 01:56 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-07-19 01:56 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-07-19 01:56 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-07-19 01:56 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-07-19 01:56 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-07-19 01:56 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-07-19 01:56 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-07-19 01:56 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-07-19 01:56 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-07-19 01:56 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2015-07-19 01:56 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-07-19 01:56 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-07-19 01:55 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-07-19 01:55 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-07-19 01:55 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-07-19 01:55 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-07-19 01:55 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2015-07-19 01:55 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2015-07-19 01:55 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-07-19 01:55 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-07-19 01:55 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-07-19 01:55 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-07-19 01:55 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-07-19 01:55 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-07-19 01:55 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-07-19 01:55 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-07-19 01:55 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-07-19 01:55 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-07-19 01:55 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-07-19 01:55 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-07-19 01:55 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-07-19 01:55 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-07-19 01:55 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2015-07-19 01:55 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2015-07-19 01:55 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-07-19 01:55 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-07-19 01:55 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-07-19 01:55 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-07-19 01:55 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-07-19 01:55 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-07-19 01:55 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-07-19 01:55 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-07-19 01:55 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-07-19 01:55 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-07-19 01:55 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-07-19 01:54 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-07-19 01:54 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-07-19 01:54 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-07-19 01:54 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-07-19 01:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-07-19 01:53 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-07-19 01:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-07-19 01:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-07-19 01:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-07-19 01:53 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-07-19 01:49 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-07-19 01:49 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-07-19 01:49 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-07-19 01:49 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-07-19 00:49 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2015-07-13 10:26 - 2015-07-13 10:27 - 00000000 ____D C:\Users\Marius\Desktop\Umwelt & Strahlenbiophysik 2015-07-11 18:21 - 2015-07-11 18:21 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2015-07-11 18:21 - 2015-07-11 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4700 series 2015-07-11 18:20 - 2015-07-11 18:20 - 00000000 ___HD C:\ProgramData\CanonBJ 2015-07-11 18:19 - 2010-04-24 05:00 - 00336896 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMA1.DLL 2015-07-11 09:47 - 2015-07-18 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-07-11 09:47 - 2015-07-18 11:01 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-07-11 09:47 - 2015-07-11 09:47 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-11 09:46 - 2015-07-11 09:48 - 00000000 ____D C:\ProgramData\Adobe 2015-07-11 09:46 - 2015-07-11 09:46 - 50629792 _____ (Adobe Systems Incorporated) C:\Users\Marius\Downloads\AcroRdrDC1500720033_de_DE.exe 2015-07-10 19:28 - 2015-08-01 12:29 - 00000000 ___HD C:\$Windows.~BT 2015-07-07 11:41 - 2015-07-19 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-01 16:44 - 2015-02-09 23:47 - 00000000 ____D C:\Users\Marius 2015-08-01 16:17 - 2015-05-23 16:18 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-08-01 16:17 - 2015-02-09 23:52 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3382090012-743032079-2677054036-1001 2015-08-01 16:14 - 2015-02-11 14:46 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-01 16:02 - 2015-05-23 12:39 - 01429372 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-01 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-01 15:57 - 2015-05-23 16:18 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-01 15:32 - 2015-06-16 17:36 - 00000000 ____D C:\Users\Marius\Desktop\Finale Arbeit 2015-08-01 12:35 - 2013-10-07 21:23 - 00000000 ____D C:\WINDOWS\Panther 2015-08-01 12:10 - 2014-03-29 18:47 - 00772278 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-01 12:10 - 2014-03-29 18:47 - 00162264 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-01 12:10 - 2013-10-07 20:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-01 12:09 - 2015-02-09 23:49 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3F873864-4D30-4BA6-944C-BAFD0A792329} 2015-08-01 12:02 - 2015-02-11 13:11 - 00000000 ___DO C:\Users\Marius\SkyDrive 2015-08-01 12:01 - 2014-03-29 10:16 - 00006656 _____ C:\WINDOWS\system32\VfService.trf 2015-08-01 12:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-01 12:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-08-01 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-01 10:11 - 2015-03-02 12:19 - 00541184 ___SH C:\Users\Marius\Desktop\Thumbs.db 2015-08-01 02:59 - 2015-02-13 02:38 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Skype 2015-08-01 01:34 - 2015-06-08 19:12 - 00000000 ____D C:\Users\Marius\Desktop\Uni 2015-08-01 01:34 - 2015-06-08 19:11 - 00000000 ____D C:\Users\Marius\Desktop\Musik 2015-08-01 01:32 - 2015-05-25 20:21 - 00000000 ____D C:\Users\Marius\Desktop\Handyfotos 2015-08-01 01:28 - 2015-06-16 10:30 - 00000000 ____D C:\Users\Marius\Desktop\Ionenoptik 2015-08-01 01:28 - 2015-06-08 19:10 - 00000000 ____D C:\Users\Marius\Desktop\Programme 2015-08-01 01:11 - 2015-02-11 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-01 01:11 - 2015-02-11 14:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-31 19:32 - 2015-02-22 17:12 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Nitro PDF 2015-07-31 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-31 14:21 - 2014-03-29 09:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-29 20:09 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-07-28 19:11 - 2015-05-23 15:58 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-27 15:49 - 2015-06-17 10:23 - 00000000 ____D C:\Users\Marius\AppData\Roaming\inkscape 2015-07-26 18:45 - 2015-04-06 18:02 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-07-25 21:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-07-23 11:51 - 2015-03-01 01:11 - 00000000 ____D C:\Users\Marius\AppData\Local\CrashDumps 2015-07-23 11:48 - 2015-02-10 16:08 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-07-23 11:43 - 2013-08-22 16:44 - 00351240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-07-23 11:36 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-23 11:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-07-20 23:34 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-20 23:30 - 2015-02-10 16:08 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00150160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-07-20 23:30 - 2015-02-10 16:08 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-07-20 23:29 - 2015-02-10 16:08 - 01048856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-07-20 18:08 - 2015-06-02 16:05 - 00001472 _____ C:\Users\Marius\AppData\Local\RecConfig.xml 2015-07-20 11:01 - 2015-03-26 22:09 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-07-20 11:01 - 2015-03-12 03:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-07-20 11:01 - 2015-02-10 16:12 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-20 10:59 - 2015-04-06 18:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-07-19 11:10 - 2015-02-09 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-18 10:57 - 2015-05-23 16:18 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-07-18 10:57 - 2015-05-23 16:18 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-07-15 17:23 - 2015-05-23 15:58 - 00003854 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1432389506 2015-07-15 17:23 - 2015-05-23 15:58 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-13 01:02 - 2015-06-05 14:06 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Audacity 2015-07-11 18:46 - 2015-02-09 23:47 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Adobe 2015-07-11 09:48 - 2015-02-11 21:18 - 00000000 ____D C:\Users\Marius\AppData\Local\Adobe 2015-07-03 08:43 - 2015-02-10 16:12 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-09 23:48 - 2015-02-11 14:37 - 0005588 _____ () C:\Users\Marius\AppData\Roaming\AbsoluteReminder.xml 2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Marius\AppData\Local\bass.dll 2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Marius\AppData\Local\basscd.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Marius\AppData\Local\CDRip.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Marius\AppData\Local\lame_enc.dll 2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Marius\AppData\Local\No23 Recorder.exe 2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Marius\AppData\Local\no23xwrapper.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Marius\AppData\Local\ogg.dll 2015-06-02 16:05 - 2015-07-20 18:08 - 0001472 _____ () C:\Users\Marius\AppData\Local\RecConfig.xml 2015-08-01 16:43 - 2015-08-01 16:43 - 0002018 _____ () C:\Users\Marius\AppData\Local\recently-used.xbel 2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Marius\AppData\Local\vorbis.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Marius\AppData\Local\vorbisenc.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Marius\AppData\Local\vorbisfile.dll 2015-06-05 15:31 - 2015-06-05 15:31 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-03-29 09:59 - 2014-03-29 09:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Marius\AppData\Local\Temp\Quarantine.exe C:\Users\Marius\AppData\Local\Temp\SkypeSetup.exe C:\Users\Marius\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\System32\winlogon.exe => Datei ist digital signiert C:\Windows\System32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\System32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\System32\services.exe => Datei ist digital signiert C:\Windows\System32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\System32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\System32\rpcss.dll => Datei ist digital signiert C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-07-31 17:44 ==================== Ende von log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-01 17:50:44
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000033 SAMSUNG_MZMTE256HMHP-000L1 rev.EXT42L0Q 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\Marius\AppData\Local\Temp\fxlyrpog.sys
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [580:616] fffff960008562d0
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.08.2015 Suchlaufzeit: 17:00 Protokolldatei: Malwarebytes Anti-Malware .txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.01.04 Rootkit-Datenbank: v2015.07.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Marius Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 347019 Abgelaufene Zeit: 6 Min., 43 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter **************************************************
Zusammenfassung des Suchlaufs:
**************************************************
Zeitstempel des letzten Updates: 01.08.2015 15:09:50
Konfigurationsprofil: sysscan.avp
Plattform : Windows 8.1
Windowsversion : (plain) [6.2.9200]
build.dat : 10.0.0.65 13423 Bytes 07.04.2014 08:37:00
Beginn des Suchlaufs: Samstag, 1. August 2015 17:10
d5aeb2b890bc19f34d18efaacb177a9c6a0cf58aa14e3aed202b279d5d17b93c
[FUND] Ist das Trojanische Pferd TR/Trustezeb.86528
Ende des Suchlaufs: Samstag, 1. August 2015 17:36
Benötigte Zeit: 24:25 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
48979 Verzeichnisse wurden überprüft
952429 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
952427 Dateien ohne Befall
7185 Archive wurden durchsucht
2 Warnungen
0 Hinweise
|
|
03.08.2015, 12:00
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Fehlt noch die Addition.txt von FRST. Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.08.2015, 10:53
| #5 |
| | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 vielen Dank für die erste Hilfe. Es wurde leider nichts gefunden und entfernt. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-07-2015
durchgeführt von Marius (2015-08-01 16:46:17)
Gestartet von C:\Users\Marius\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3382090012-743032079-2677054036-500 - Administrator - Disabled)
Gast (S-1-5-21-3382090012-743032079-2677054036-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3382090012-743032079-2677054036-1003 - Limited - Enabled)
Marius (S-1-5-21-3382090012-743032079-2677054036-1001 - Administrator - Enabled) => C:\Users\Marius
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dragon Assistant Application de-DE Version 1.5.7 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.7 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.10 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.10 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.3 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.3 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.7 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.7 - Nuance Communications, Inc.)
Dual Smart Solution (HKLM-x32\...\{E61F7C73-277C-44CE-87C4-B574BF0F3803}) (Version: 2.5 - LG Soft India Pvt Ltd)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo)
Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden
Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.)
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{1c7272f2-45cf-469f-b7e9-17c6b212549c}) (Version: 16.5.3 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Nero CoverDesigner (HKLM-x32\...\{79BB6415-00A7-413A-B278-A7EAE69F1753}) (Version: 12.0.02700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nitro Pro 8 (HKLM\...\{AD21268B-7AA2-45B1-B360-E0CBA12706FE}) (Version: 8.5.5.7 - Nitro)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Prerequisite installer (x32 Version: 12.0.0005 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
ReminderInstaller (HKLM-x32\...\InstallShield_{48B99BC9-CEB0-485E-96B1-4609BC86D2DE}) (Version: 1.00.0000 - Absolute Software.)
ReminderInstaller (x32 Version: 1.00.0000 - Absolute Software.) Hidden
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{A5BB6A58-BC1A-48A7-BB19-1768A80CF9C9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
11-07-2015 09:46:58 Installed Adobe Acrobat Reader DC - Deutsch.
18-07-2015 11:35:56 Geplanter Prüfpunkt
20-07-2015 23:29:14 avast! antivirus system restore point
29-07-2015 20:09:36 Windows Update
31-07-2015 14:21:37 Installiert Dual Smart Solution
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A8F68A3-B87B-4B5F-A385-6809387468B5} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {0EA4238C-6141-45ED-BAE2-F759716C228A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {127912A6-3D12-4BB2-BA16-1D5E030DF02F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1B7B70B1-9D09-4CD1-9F80-FE41E7EE5FD7} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3382090012-743032079-2677054036-1001
Task: {1CFB82CE-2247-42DC-BAAD-A31E07932D43} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {283C03A8-B248-4CDD-8AA5-D5B07506FC7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {3694B95B-AACF-4DF0-9BBF-F8A3BA490F70} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {42C5C46E-D481-4232-A337-379421BD9971} - System32\Tasks\{7A3995CA-4960-4BB7-9B55-4E05C078AF75} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.85.105/de/abandoninstall?page=tsMain
Task: {45256E89-CD45-45C6-8F91-849A83A24006} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-03-29] (Lenovo)
Task: {742EADDE-A7D8-45A6-A5E9-F82EBCCB2D60} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {8205E23A-5B11-43B3-9299-96B65C92C7AC} - System32\Tasks\Opera scheduled Autoupdate 1432389506 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {8B66CCF7-2611-4D7F-805E-A61BB62DA27B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {E1E49EAD-B87B-424B-972B-0726A30E1C0D} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E2CD7FB9-910A-4612-9BFF-CB7799EBF96D} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-08-01 18:31 - 2013-08-01 18:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 18:31 - 2013-08-01 18:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-03-29 10:16 - 2014-03-29 10:16 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-03-29 10:16 - 2014-03-29 10:16 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-03-29 10:16 - 2014-03-29 10:16 - 00062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-03-29 10:13 - 2014-01-06 16:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-03-29 10:16 - 2014-03-29 10:16 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-03-29 10:16 - 2014-03-29 10:16 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-31 14:21 - 2012-10-23 15:25 - 00064512 _____ () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\MouseHook.dll
2015-07-31 14:21 - 2012-10-17 18:52 - 00005120 _____ () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\GerRes.dll
2014-03-29 10:13 - 2014-01-06 15:58 - 00044016 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Util.dll
2015-02-13 17:02 - 2015-02-13 17:02 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2015-02-13 17:02 - 2015-02-13 17:02 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2015-02-13 17:02 - 2015-02-13 17:02 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2015-07-31 14:21 - 2012-12-14 20:10 - 00036864 _____ () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\TestDDCCI.exe
2015-08-01 16:37 - 2015-08-01 16:37 - 00050477 _____ () C:\Users\Marius\Desktop\Defogger.exe
2015-07-20 23:29 - 2015-07-20 23:29 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 23:29 - 2015-07-20 23:29 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-01 01:36 - 2015-08-01 01:36 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15073103\algo.dll
2015-08-01 12:02 - 2015-08-01 12:02 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15080100\algo.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-03-29 10:15 - 2013-05-02 12:26 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-03-29 10:15 - 2013-05-02 12:25 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2014-03-29 10:16 - 2014-03-29 10:16 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
2014-03-29 10:16 - 2014-03-29 10:16 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2015-07-20 23:29 - 2015-07-20 23:29 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-31 14:21 - 2012-10-17 18:52 - 00061952 _____ () C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Proxy32dll.dll
2014-03-29 10:16 - 2014-03-29 10:16 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-03-29 09:57 - 2013-08-08 22:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Marius\SkyDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3382090012-743032079-2677054036-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marius\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Yoga PhoneCompanion"
HKU\S-1-5-21-3382090012-743032079-2677054036-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B6F0947D-4A21-4D9B-91D8-1527992FD928}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BE8096C-B6CF-49E7-83F9-028A4383E0AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4D6150BF-ADA8-49F0-B049-3AA230477879}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1028A97D-BD7E-4356-8B5A-DB6B78AD46EF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{22440720-7A1D-4F01-BB94-AF5271C25E95}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2145FA6C-DE50-4853-AAE5-57AC0298C365}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A8238B9-FC00-4DB2-9D8A-7C86A0A5D38B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4451A521-8956-4FB6-8D7A-9ADB00819A31}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6BD2754D-C579-4398-95E2-991D6D008D7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9E2DDFD4-F59F-49F4-89F6-3800AEA5FC20}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{22040C56-15C3-47A7-82A4-95BE6F040DCF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{716EBCBE-F96B-4A84-8132-1285DFD5182E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{02F5314B-FF08-4DC1-8B0E-D52DFF2C0F12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{408C1390-57E0-4541-BD5F-398D5996E9D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EE714E88-AC24-472C-821F-8391E3370A14}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{7A026703-AD83-4EBB-90C3-6982D4A1FE6C}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{003AB41C-2E6A-4C8C-B748-A621941FD2A9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (07/31/2015 05:52:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927150. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/31/2015 05:44:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRE_DRV" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (07/29/2015 09:07:58 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=6792), GLE=31.
Error: (07/28/2015 07:37:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GWXUX.exe, Version 6.3.9600.17924 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 26c0
Startzeit: 01d0c95c0de48bf4
Endzeit: 15
Anwendungspfad: C:\WINDOWS\System32\GWX\GWXUX.exe
Berichts-ID: 4f6f35e4-354f-11e5-8270-7c7a91bc1181
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Fehlercode: 126
Error: (08/01/2015 12:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/01/2015 12:01:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dragon Assistant Core" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/01/2015 12:01:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/01/2015 12:01:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/01/2015 12:01:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706be fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (08/01/2015 12:01:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/01/2015 12:01:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Device Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/01/2015 12:01:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/01/2015 12:01:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path43900
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path25900
Error: (08/01/2015 12:01:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path17900
Error: (07/31/2015 05:52:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO-PC)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927150
Error: (07/31/2015 05:44:35 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINRE_DRVFalscher Parameter. (0x80070057)
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path43900
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path25900
Error: (07/31/2015 02:22:58 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path17900
Error: (07/29/2015 09:07:58 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=6792), GLE=31.
Error: (07/28/2015 07:37:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GWXUX.exe6.3.9600.1792426c001d0c95c0de48bf415C:\WINDOWS\System32\GWX\GWXUX.exe4f6f35e4-354f-11e5-8270-7c7a91bc1181
CodeIntegrity:
===================================
Date: 2015-06-04 15:05:21.453
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8104.27 MB
Available physical RAM: 4525.35 MB
Total Virtual: 9384.27 MB
Available Virtual: 5164.57 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:219.21 GB) (Free:97.91 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:4 GB) (Free:1.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 8D23FB16)
Partition: GPT Partition Type.
==================== Ende von log ============================
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.08.04.02
rootkit: v2015.08.03.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17905
:: [administrator]
04.08.2015 11:29:51
mbar-log-2015-08-04 (11-29-51).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 350109
Time elapsed: 6 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
1. Teil Code:
ATTFilter 11:38:09.0333 0x18c8 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:38:09.0333 0x18c8 UEFI system
11:38:35.0273 0x18c8 ============================================================
11:38:35.0273 0x18c8 Current date / time: 2015/08/04 11:38:35.0273
11:38:35.0273 0x18c8 SystemInfo:
11:38:35.0273 0x18c8
11:38:35.0273 0x18c8 OS Version: 6.3.9600 ServicePack: 0.0
11:38:35.0273 0x18c8 Product type: Workstation
11:38:35.0273 0x18c8 ComputerName: LENOVO-PC
11:38:35.0274 0x18c8 UserName: Marius
11:38:35.0274 0x18c8 Windows directory: C:\WINDOWS
11:38:35.0274 0x18c8 System windows directory: C:\WINDOWS
11:38:35.0274 0x18c8 Running under WOW64
11:38:35.0274 0x18c8 Processor architecture: Intel x64
11:38:35.0274 0x18c8 Number of processors: 4
11:38:35.0274 0x18c8 Page size: 0x1000
11:38:35.0274 0x18c8 Boot type: Normal boot
11:38:35.0274 0x18c8 ============================================================
11:38:35.0639 0x18c8 KLMD registered as C:\WINDOWS\system32\drivers\41508230.sys
11:38:35.0878 0x18c8 System UUID: {658F3C62-2FFE-8952-7ADD-40F7230C93D2}
11:38:36.0529 0x18c8 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:38:36.0533 0x18c8 ============================================================
11:38:36.0533 0x18c8 \Device\Harddisk0\DR0:
11:38:36.0534 0x18c8 GPT partitions:
11:38:36.0536 0x18c8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {67AD0107-46AA-4EF2-BC00-4ADF13804727}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
11:38:36.0536 0x18c8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9EEFE0E2-8B6C-4A8D-B78F-F11BDDCB65FA}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
11:38:36.0536 0x18c8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {EB09FAF2-29EA-4AF1-A98A-2BC65418CA70}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
11:38:36.0536 0x18c8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {53304B72-97E4-459A-9CB2-5D0E7E704F0C}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
11:38:36.0537 0x18c8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7213C3E7-4DDA-4325-91CB-AE7213B59DB8}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x1B66B800
11:38:36.0537 0x18c8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6CE5D5BD-EB1C-4A11-B6E6-D0CA4B2FBED6}, Name: Basic data partition, StartLBA 0x1BB16000, BlocksNum 0x800000
11:38:36.0537 0x18c8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4D11E0D6-1EEA-4D8D-992F-A7AFE2330BF4}, Name: Basic data partition, StartLBA 0x1C316000, BlocksNum 0x19DD000
11:38:36.0537 0x18c8 MBR partitions:
11:38:36.0537 0x18c8 ============================================================
11:38:36.0538 0x18c8 C: <-> \Device\Harddisk0\DR0\Partition5
11:38:36.0539 0x18c8 D: <-> \Device\Harddisk0\DR0\Partition6
11:38:36.0539 0x18c8 ============================================================
11:38:36.0539 0x18c8 Initialize success
11:38:36.0539 0x18c8 ============================================================
11:39:50.0214 0x27cc ============================================================
11:39:50.0214 0x27cc Scan started
11:39:50.0214 0x27cc Mode: Manual; SigCheck; TDLFS;
11:39:50.0214 0x27cc ============================================================
11:39:50.0214 0x27cc KSN ping started
11:39:52.0511 0x27cc KSN ping finished: true
11:39:53.0058 0x27cc ================ Scan system memory ========================
11:39:53.0058 0x27cc System memory - ok
11:39:53.0058 0x27cc ================ Scan services =============================
11:39:53.0105 0x27cc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
11:39:53.0168 0x27cc 1394ohci - ok
11:39:53.0183 0x27cc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
11:39:53.0183 0x27cc 3ware - ok
11:39:53.0214 0x27cc [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
11:39:53.0246 0x27cc ACPI - ok
11:39:53.0246 0x27cc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
11:39:53.0261 0x27cc acpiex - ok
11:39:53.0261 0x27cc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
11:39:53.0277 0x27cc acpipagr - ok
11:39:53.0277 0x27cc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
11:39:53.0293 0x27cc AcpiPmi - ok
11:39:53.0293 0x27cc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
11:39:53.0308 0x27cc acpitime - ok
11:39:53.0308 0x27cc [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
11:39:53.0324 0x27cc ACPIVPC - ok
11:39:53.0339 0x27cc [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:39:53.0339 0x27cc AdobeARMservice - ok
11:39:53.0371 0x27cc [ 011BD8A49AF856E8A8EE32652D1CFC05, 7E45CD5ED185DFCA94069640C19D3079879FD1F3069873D0302ACC372F756F90 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:39:53.0386 0x27cc AdobeFlashPlayerUpdateSvc - ok
11:39:53.0402 0x27cc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
11:39:53.0433 0x27cc ADP80XX - ok
11:39:53.0449 0x27cc [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
11:39:53.0464 0x27cc AeLookupSvc - ok
11:39:53.0480 0x27cc [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
11:39:53.0511 0x27cc AFD - ok
11:39:53.0511 0x27cc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
11:39:53.0527 0x27cc agp440 - ok
11:39:53.0527 0x27cc [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:39:53.0543 0x27cc ahcache - ok
11:39:53.0543 0x27cc [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
11:39:53.0558 0x27cc ALG - ok
11:39:53.0574 0x27cc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
11:39:53.0589 0x27cc AmdK8 - ok
11:39:53.0589 0x27cc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
11:39:53.0605 0x27cc AmdPPM - ok
11:39:53.0605 0x27cc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
11:39:53.0621 0x27cc amdsata - ok
11:39:53.0636 0x27cc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
11:39:53.0636 0x27cc amdsbs - ok
11:39:53.0652 0x27cc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
11:39:53.0652 0x27cc amdxata - ok
11:39:53.0668 0x27cc [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
11:39:53.0683 0x27cc AppID - ok
11:39:53.0683 0x27cc [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
11:39:53.0699 0x27cc AppIDSvc - ok
11:39:53.0699 0x27cc [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
11:39:53.0714 0x27cc Appinfo - ok
11:39:53.0746 0x27cc [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
11:39:53.0777 0x27cc AppReadiness - ok
11:39:53.0808 0x27cc [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
11:39:53.0839 0x27cc AppXSvc - ok
11:39:53.0855 0x27cc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
11:39:53.0855 0x27cc arcsas - ok
11:39:53.0871 0x27cc [ 25863B5A3AC02DD35063D77C1F1415FF, F3F61F83CCF78F2FB3CD3DC66C28C1BE4D6D6F3C7440B6E5F7EEAC3739DB80DD ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
11:39:53.0871 0x27cc aswHwid - ok
11:39:53.0886 0x27cc [ 2894AC8C6159201940C8CD5B33CC5203, 4717301395100BD71B49451109AA29A58F702AF1E24C816CE5CC4320B6F3CA67 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
11:39:53.0886 0x27cc aswMonFlt - ok
11:39:53.0902 0x27cc [ C384DC3DDF65F3E011DFBDFDB500F89A, 0B15E09AE0DA51000B2AAF5DE6C5BBD7EBE4EB1DACB680A159AD9369CDA6D7D1 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
11:39:53.0902 0x27cc aswRdr - ok
11:39:53.0918 0x27cc [ 7F5ADFD9CA8EF06D020273B81BFFD731, 04A47F26DA3E507D9C984D7C737EC29B04AA88F68222FB4538BEA80D4D07D7FB ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
11:39:53.0918 0x27cc aswRvrt - ok
11:39:53.0949 0x27cc [ 441FF83841FEF24969A28B6971C061D5, 2183810CC9F1113B6A1795BF604183555174EBE5E0384182432DFBCB19CDB157 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
11:39:53.0964 0x27cc aswSnx - ok
11:39:53.0980 0x27cc [ 13E75FA8BF6403DC0F4248C648234D20, 70A3E176CEA71F961032DD65E8431A049C087A910C3470637759F78F7374C09E ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:39:54.0011 0x27cc aswSP - ok
11:39:54.0027 0x27cc [ 82F2525A22A380AA977428490AA849E3, 457F3D58B23BB61ED1BFA84B4CB2E12EE54C4BA7F9286F952E6632477EE9B548 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
11:39:54.0043 0x27cc aswStm - ok
11:39:54.0043 0x27cc [ 2F3F0B08EBF741FE22745BECC794CE34, 969C12129C9C9981BF20656057C05290E050B410E4ECF8405C020F9A23728099 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
11:39:54.0058 0x27cc aswVmm - ok
11:39:54.0074 0x27cc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
11:39:54.0074 0x27cc atapi - ok
11:39:54.0089 0x27cc [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:39:54.0105 0x27cc AudioEndpointBuilder - ok
11:39:54.0121 0x27cc [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
11:39:54.0152 0x27cc Audiosrv - ok
11:39:54.0168 0x27cc [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:39:54.0168 0x27cc avast! Antivirus - ok
11:39:54.0183 0x27cc [ 943B743BEA5AE4EEA43250FFCC99C522, 387966A350796EFB6682A975D66F057B622296F6ADF4AFCEECD9F775BA97BFE6 ] AX88772 C:\WINDOWS\system32\DRIVERS\ax88772.sys
11:39:54.0199 0x27cc AX88772 - ok
11:39:54.0199 0x27cc [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
11:39:54.0214 0x27cc AxInstSV - ok
11:39:54.0230 0x27cc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
11:39:54.0246 0x27cc b06bdrv - ok
11:39:54.0261 0x27cc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:39:54.0261 0x27cc BasicDisplay - ok
11:39:54.0277 0x27cc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
11:39:54.0293 0x27cc BasicRender - ok
11:39:54.0293 0x27cc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
11:39:54.0308 0x27cc bcmfn2 - ok
11:39:54.0308 0x27cc [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll
11:39:54.0339 0x27cc BDESVC - ok
11:39:54.0339 0x27cc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:39:54.0355 0x27cc Beep - ok
11:39:54.0371 0x27cc [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\WINDOWS\System32\bfe.dll
11:39:54.0402 0x27cc BFE - ok
11:39:54.0418 0x27cc [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
11:39:54.0464 0x27cc BITS - ok
11:39:54.0496 0x27cc [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:39:54.0527 0x27cc Bluetooth Device Monitor - ok
11:39:54.0558 0x27cc [ 19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:39:54.0589 0x27cc Bluetooth OBEX Service - ok
11:39:54.0589 0x27cc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
11:39:54.0605 0x27cc bowser - ok
11:39:54.0621 0x27cc [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:39:54.0636 0x27cc BrokerInfrastructure - ok
11:39:54.0636 0x27cc [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
11:39:54.0652 0x27cc Browser - ok
11:39:54.0668 0x27cc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:39:54.0668 0x27cc BthAvrcpTg - ok
11:39:54.0683 0x27cc [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
11:39:54.0699 0x27cc BthEnum - ok
11:39:54.0699 0x27cc [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
11:39:54.0714 0x27cc BthHFEnum - ok
11:39:54.0714 0x27cc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
11:39:54.0730 0x27cc bthhfhid - ok
11:39:54.0746 0x27cc [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
11:39:54.0761 0x27cc BthHFSrv - ok
11:39:54.0777 0x27cc [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
11:39:54.0793 0x27cc BthLEEnum - ok
11:39:54.0808 0x27cc [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
11:39:54.0808 0x27cc BTHMODEM - ok
11:39:54.0824 0x27cc [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
11:39:54.0839 0x27cc BthPan - ok
11:39:54.0855 0x27cc [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
11:39:54.0902 0x27cc BTHPORT - ok
11:39:54.0902 0x27cc [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
11:39:54.0918 0x27cc bthserv - ok
11:39:54.0918 0x27cc [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
11:39:54.0933 0x27cc BTHUSB - ok
11:39:54.0949 0x27cc [ 4428C299BE7B9841ECFA82044B69FA6A, F8AB607D6CACBF2DDE3C392F9756B9F32CB99664A75F3140365CB916450660EC ] btmaux C:\WINDOWS\system32\DRIVERS\btmaux.sys
11:39:54.0964 0x27cc btmaux - ok
11:39:54.0996 0x27cc [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
11:39:55.0043 0x27cc btmhsf - ok
11:39:55.0058 0x27cc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:39:55.0074 0x27cc cdfs - ok
11:39:55.0089 0x27cc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
11:39:55.0089 0x27cc cdrom - ok
11:39:55.0105 0x27cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
11:39:55.0121 0x27cc CertPropSvc - ok
11:39:55.0121 0x27cc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
11:39:55.0136 0x27cc circlass - ok
11:39:55.0152 0x27cc [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
11:39:55.0168 0x27cc CLFS - ok
11:39:55.0183 0x27cc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
11:39:55.0183 0x27cc CmBatt - ok
11:39:55.0199 0x27cc [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
11:39:55.0230 0x27cc CNG - ok
11:39:55.0230 0x27cc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
11:39:55.0246 0x27cc CompositeBus - ok
11:39:55.0246 0x27cc COMSysApp - ok
11:39:55.0246 0x27cc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
11:39:55.0261 0x27cc condrv - ok
11:39:55.0293 0x27cc [ 56D1D35F12F9A07803F6108D4EDCEB78, A947CE92E3E73FCEB4F2B02C789EFAD7E300614E917633F42668CCE9E2F7EE56 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:39:55.0308 0x27cc cphs - ok
11:39:55.0324 0x27cc [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
11:39:55.0339 0x27cc CryptSvc - ok
11:39:55.0355 0x27cc [ 1345C3DAFB5E61357761B6264364AD0E, 2E0843A0936597BF29DECF58EE9F023B1166979B7B8F1EDC9C46B6DB70E811E2 ] DACoreService C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
11:39:55.0371 0x27cc DACoreService - ok
11:39:55.0371 0x27cc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
11:39:55.0371 0x27cc dam - ok
11:39:55.0402 0x27cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:39:55.0433 0x27cc DcomLaunch - ok
11:39:55.0449 0x27cc [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
11:39:55.0480 0x27cc defragsvc - ok
11:39:55.0496 0x27cc [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:39:55.0511 0x27cc DeviceAssociationService - ok
11:39:55.0527 0x27cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
11:39:55.0543 0x27cc DeviceInstall - ok
11:39:55.0543 0x27cc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
11:39:55.0558 0x27cc Dfsc - ok
11:39:55.0574 0x27cc [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
11:39:55.0589 0x27cc Dhcp - ok
11:39:55.0621 0x27cc [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
11:39:55.0668 0x27cc DiagTrack - ok
11:39:55.0668 0x27cc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
11:39:55.0683 0x27cc disk - ok
11:39:55.0683 0x27cc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
11:39:55.0699 0x27cc dmvsc - ok
11:39:55.0714 0x27cc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:39:55.0730 0x27cc Dnscache - ok
11:39:55.0746 0x27cc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
11:39:55.0761 0x27cc dot3svc - ok
11:39:55.0761 0x27cc [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:39:55.0777 0x27cc dot4 - ok
11:39:55.0777 0x27cc [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
11:39:55.0793 0x27cc Dot4Print - ok
11:39:55.0793 0x27cc [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
11:39:55.0793 0x27cc dot4usb - ok
11:39:55.0808 0x27cc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
11:39:55.0824 0x27cc DPS - ok
11:39:55.0824 0x27cc [ E87CD3E4F9AC0A2C181990CB781DD4BA, 693F30DF8D4AE732BBB36D250D89DEC05C291B0A0998CBE87677E4F019253432 ] DptfDevPch C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys
11:39:55.0839 0x27cc DptfDevPch - ok
11:39:55.0855 0x27cc [ 1C3C798B4150F7A047853838EBE2A95B, 8A44147DAB1FCBD5F23B5D427D12D0D5CA4A8260216ECE155CD849D09328069A ] DptfDevProc C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys
11:39:55.0871 0x27cc DptfDevProc - ok
11:39:55.0886 0x27cc [ 133C04EDB13A8A7740FFA3D7DD397C80, 56A28AF194354A6AA48A9204F13C845A4B3FE4E3139BBDE31DDDE318F3FB20C9 ] DptfManager C:\WINDOWS\system32\DRIVERS\DptfManager.sys
11:39:55.0902 0x27cc DptfManager - ok
11:39:55.0918 0x27cc [ 8A18176B5108C2FBB23ADA9D548BDD3A, 204E39EE27B6FEDB75E97950B1608DEB0641248857FF0FDD2B66168929967043 ] DptfParticipantProcessorService C:\WINDOWS\system32\DptfParticipantProcessorService.exe
11:39:55.0933 0x27cc DptfParticipantProcessorService - ok
11:39:55.0933 0x27cc [ 82239362B0C3CDA6C2E69EAB73FA8A97, 73ADB64C365E5C1F2DF92B91982E65577ADC58DE84ECF0399F0C1C380602E630 ] DptfPolicyConfigTDPService C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
11:39:55.0949 0x27cc DptfPolicyConfigTDPService - ok
11:39:55.0949 0x27cc [ FAFA22CD7FD7B0A195239E738F7B7030, 9DF3810F814ACD4A694F25482E57ADEA01F1072CEAA4AC14ED5D383A4D2DE385 ] DptfPolicyCriticalService C:\WINDOWS\system32\DptfPolicyCriticalService.exe
11:39:55.0964 0x27cc DptfPolicyCriticalService - ok
11:39:55.0964 0x27cc [ 06B40DF90D494E2242C63DCACB354B8E, A10EB3EF74EDA33CF710B74E52D97A2B3B7874F3C5212016ED1FB89F8070D6A9 ] DptfPolicyLpmService C:\WINDOWS\system32\DptfPolicyLpmService.exe
11:39:55.0980 0x27cc DptfPolicyLpmService - ok
11:39:55.0980 0x27cc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:39:55.0996 0x27cc drmkaud - ok
11:39:55.0996 0x27cc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
11:39:56.0011 0x27cc DsmSvc - ok
11:39:56.0043 0x27cc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:39:56.0105 0x27cc DXGKrnl - ok
11:39:56.0121 0x27cc [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
11:39:56.0136 0x27cc e1iexpress - ok
11:39:56.0152 0x27cc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
11:39:56.0168 0x27cc Eaphost - ok
11:39:56.0261 0x27cc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
11:39:56.0371 0x27cc ebdrv - ok
11:39:56.0386 0x27cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
11:39:56.0402 0x27cc EFS - ok
11:39:56.0402 0x27cc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
11:39:56.0418 0x27cc EhStorClass - ok
11:39:56.0418 0x27cc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:39:56.0433 0x27cc EhStorTcgDrv - ok
11:39:56.0433 0x27cc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
11:39:56.0449 0x27cc ErrDev - ok
11:39:56.0464 0x27cc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
11:39:56.0480 0x27cc EventSystem - ok
11:39:56.0496 0x27cc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
11:39:56.0527 0x27cc exfat - ok
11:39:56.0543 0x27cc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
11:39:56.0558 0x27cc fastfat - ok
11:39:56.0574 0x27cc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
11:39:56.0589 0x27cc Fax - ok
11:39:56.0605 0x27cc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
11:39:56.0605 0x27cc fdc - ok
11:39:56.0621 0x27cc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
11:39:56.0636 0x27cc fdPHost - ok
11:39:56.0636 0x27cc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
11:39:56.0652 0x27cc FDResPub - ok
11:39:56.0652 0x27cc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
11:39:56.0668 0x27cc fhsvc - ok
11:39:56.0668 0x27cc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
11:39:56.0683 0x27cc FileInfo - ok
11:39:56.0683 0x27cc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
11:39:56.0699 0x27cc Filetrace - ok
11:39:56.0714 0x27cc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
11:39:56.0730 0x27cc flpydisk - ok
11:39:56.0746 0x27cc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:39:56.0761 0x27cc FltMgr - ok
11:39:56.0793 0x27cc [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
11:39:56.0839 0x27cc FontCache - ok
11:39:56.0839 0x27cc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:39:56.0855 0x27cc FontCache3.0.0.0 - ok
11:39:56.0871 0x27cc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
11:39:56.0871 0x27cc FsDepends - ok
11:39:56.0871 0x27cc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:39:56.0886 0x27cc Fs_Rec - ok
11:39:56.0902 0x27cc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:39:56.0933 0x27cc fvevol - ok
11:39:56.0933 0x27cc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
11:39:56.0949 0x27cc FxPPM - ok
11:39:56.0949 0x27cc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
11:39:56.0964 0x27cc gagp30kx - ok
11:39:56.0964 0x27cc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
11:39:56.0980 0x27cc gencounter - ok
11:39:56.0980 0x27cc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:39:56.0996 0x27cc GPIOClx0101 - ok
11:39:57.0027 0x27cc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
11:39:57.0074 0x27cc gpsvc - ok
11:39:57.0089 0x27cc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
11:39:57.0105 0x27cc HdAudAddService - ok
11:39:57.0105 0x27cc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
11:39:57.0121 0x27cc HDAudBus - ok
11:39:57.0136 0x27cc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
11:39:57.0136 0x27cc HidBatt - ok
11:39:57.0152 0x27cc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
11:39:57.0152 0x27cc HidBth - ok
11:39:57.0168 0x27cc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
11:39:57.0168 0x27cc hidi2c - ok
11:39:57.0183 0x27cc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
11:39:57.0183 0x27cc HidIr - ok
11:39:57.0199 0x27cc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
11:39:57.0199 0x27cc hidserv - ok
11:39:57.0214 0x27cc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
11:39:57.0230 0x27cc HidUsb - ok
11:39:57.0230 0x27cc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
11:39:57.0246 0x27cc hkmsvc - ok
11:39:57.0246 0x27cc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:39:57.0277 0x27cc HomeGroupListener - ok
11:39:57.0277 0x27cc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:39:57.0308 0x27cc HomeGroupProvider - ok
11:39:57.0308 0x27cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
11:39:57.0324 0x27cc HpSAMD - ok
11:39:57.0324 0x27cc [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
11:39:57.0339 0x27cc HPSupportSolutionsFrameworkService - ok
11:39:57.0355 0x27cc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
11:39:57.0386 0x27cc HTTP - ok
11:39:57.0402 0x27cc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
11:39:57.0402 0x27cc hwpolicy - ok
11:39:57.0402 0x27cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
11:39:57.0418 0x27cc hyperkbd - ok
11:39:57.0418 0x27cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
11:39:57.0433 0x27cc HyperVideo - ok
11:39:57.0433 0x27cc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
11:39:57.0449 0x27cc i8042prt - ok
11:39:57.0449 0x27cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
11:39:57.0464 0x27cc iaLPSSi_GPIO - ok
11:39:57.0464 0x27cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
11:39:57.0480 0x27cc iaLPSSi_I2C - ok
11:39:57.0511 0x27cc [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
11:39:57.0527 0x27cc iaStorA - ok
11:39:57.0543 0x27cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
11:39:57.0574 0x27cc iaStorAV - ok
11:39:57.0574 0x27cc [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:39:57.0589 0x27cc IAStorDataMgrSvc - ok
11:39:57.0605 0x27cc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
11:39:57.0621 0x27cc iaStorV - ok
11:39:57.0636 0x27cc [ CAAC69A001E1A5878D2F050F57F93DA4, 0A4263501F2C1C9E4B3764A2EF27607DF07810A10A2F23F3E389EA3E1E1ACA8A ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
11:39:57.0636 0x27cc ibtusb - ok
11:39:57.0636 0x27cc IEEtwCollectorService - ok
11:39:57.0730 0x27cc [ A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:39:57.0871 0x27cc igfx - ok
11:39:57.0871 0x27cc [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent C:\WINDOWS\system32\DRIVERS\ikbevent.sys
11:39:57.0886 0x27cc ikbevent - ok
11:39:57.0902 0x27cc [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
11:39:57.0949 0x27cc IKEEXT - ok
11:39:57.0949 0x27cc [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent C:\WINDOWS\system32\DRIVERS\imsevent.sys
11:39:57.0949 0x27cc imsevent - ok
11:39:57.0964 0x27cc [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\WINDOWS\System32\Drivers\INETMON.sys
11:39:57.0964 0x27cc INETMON - ok
11:39:57.0964 0x27cc [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
11:39:57.0980 0x27cc intaud_WaveExtensible - ok
11:39:58.0089 0x27cc [ 4C60B08DFC8E2543075FF13C9E68DD55, C8314F957102DD843763C9CC9A2356AB390FC79E4E636CC43AC80BA6431D2F76 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:39:58.0199 0x27cc IntcAzAudAddService - ok
11:39:58.0214 0x27cc [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:39:58.0246 0x27cc IntcDAud - ok
11:39:58.0261 0x27cc [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:39:58.0293 0x27cc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:40:00.0730 0x27cc Detect skipped due to KSN trusted
11:40:00.0730 0x27cc Intel(R) Capability Licensing Service Interface - ok
11:40:00.0777 0x27cc [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:40:00.0808 0x27cc Intel(R) Capability Licensing Service TCP IP Interface - ok
11:40:00.0824 0x27cc [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
11:40:00.0824 0x27cc Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok
11:40:00.0824 0x27cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
11:40:00.0840 0x27cc intelide - ok
11:40:00.0840 0x27cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
11:40:00.0855 0x27cc intelpep - ok
11:40:00.0871 0x27cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
11:40:00.0871 0x27cc intelppm - ok
11:40:00.0886 0x27cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:40:00.0902 0x27cc IpFilterDriver - ok
11:40:00.0933 0x27cc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
11:40:00.0965 0x27cc iphlpsvc - ok
11:40:00.0965 0x27cc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:40:00.0980 0x27cc IPMIDRV - ok
11:40:00.0996 0x27cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
11:40:01.0011 0x27cc IPNAT - ok
11:40:01.0011 0x27cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
11:40:01.0027 0x27cc IRENUM - ok
11:40:01.0027 0x27cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
11:40:01.0043 0x27cc isapnp - ok
11:40:01.0058 0x27cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
11:40:01.0074 0x27cc iScsiPrt - ok
11:40:01.0090 0x27cc [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
11:40:01.0090 0x27cc ISCT - ok
11:40:01.0105 0x27cc [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
11:40:01.0121 0x27cc ISCTAgent - ok
11:40:01.0121 0x27cc [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
11:40:01.0121 0x27cc iwdbus - ok
11:40:01.0136 0x27cc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:40:01.0152 0x27cc jhi_service - ok
11:40:01.0152 0x27cc [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
11:40:01.0168 0x27cc kbdclass - ok
11:40:01.0168 0x27cc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
11:40:01.0183 0x27cc kbdhid - ok
11:40:01.0183 0x27cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
11:40:01.0199 0x27cc kdnic - ok
11:40:01.0199 0x27cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
11:40:01.0215 0x27cc KeyIso - ok
11:40:01.0230 0x27cc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
11:40:01.0246 0x27cc KSecDD - ok
11:40:01.0246 0x27cc [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:40:01.0261 0x27cc KSecPkg - ok
11:40:01.0261 0x27cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
11:40:01.0277 0x27cc ksthunk - ok
11:40:01.0293 0x27cc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
11:40:01.0308 0x27cc KtmRm - ok
11:40:01.0324 0x27cc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
11:40:01.0355 0x27cc LanmanServer - ok
11:40:01.0355 0x27cc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:40:01.0386 0x27cc LanmanWorkstation - ok
11:40:01.0418 0x27cc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
11:40:01.0433 0x27cc lfsvc - ok
11:40:01.0433 0x27cc LGDDCDevice - ok
11:40:01.0449 0x27cc LGII2CDevice - ok
11:40:01.0449 0x27cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
11:40:01.0465 0x27cc lltdio - ok
11:40:01.0465 0x27cc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
11:40:01.0496 0x27cc lltdsvc - ok
11:40:01.0496 0x27cc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
11:40:01.0511 0x27cc lmhosts - ok
11:40:01.0527 0x27cc [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:40:01.0543 0x27cc LMS - ok
11:40:01.0543 0x27cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
11:40:01.0558 0x27cc LSI_SAS - ok
11:40:01.0558 0x27cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
11:40:01.0574 0x27cc LSI_SAS2 - ok
11:40:01.0590 0x27cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
11:40:01.0590 0x27cc LSI_SAS3 - ok
11:40:01.0605 0x27cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
11:40:01.0605 0x27cc LSI_SSS - ok
11:40:01.0636 0x27cc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
11:40:01.0668 0x27cc LSM - ok
11:40:01.0668 0x27cc [ B9D6F27D06565CEFF51FD012B74822CB, D6526314DC2F58745969B7132722C60DB33442CB55ADAB28E7EF64EB088E32DF ] LsvUIService C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
11:40:01.0683 0x27cc LsvUIService - ok
11:40:01.0683 0x27cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
11:40:01.0699 0x27cc luafv - ok
11:40:01.0699 0x27cc [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:40:01.0715 0x27cc MBAMProtector - ok
11:40:01.0746 0x27cc [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
11:40:01.0793 0x27cc MBAMScheduler - ok
11:40:01.0824 0x27cc [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:40:01.0855 0x27cc MBAMService - ok
11:40:01.0871 0x27cc [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
11:40:01.0871 0x27cc MBAMSwissArmy - ok
11:40:01.0871 0x27cc [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
11:40:01.0886 0x27cc MBAMWebAccessControl - ok
11:40:01.0886 0x27cc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
11:40:01.0902 0x27cc megasas - ok
11:40:01.0918 0x27cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
11:40:01.0949 0x27cc megasr - ok
11:40:01.0949 0x27cc [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
11:40:01.0965 0x27cc MEIx64 - ok
11:40:01.0965 0x27cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
11:40:01.0980 0x27cc MMCSS - ok
11:40:01.0996 0x27cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
11:40:02.0011 0x27cc Modem - ok
11:40:02.0011 0x27cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
11:40:02.0027 0x27cc monitor - ok
11:40:02.0027 0x27cc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
11:40:02.0043 0x27cc mouclass - ok
11:40:02.0043 0x27cc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
11:40:02.0058 0x27cc mouhid - ok
11:40:02.0058 0x27cc [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
11:40:02.0074 0x27cc mountmgr - ok
11:40:02.0074 0x27cc [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:02.0090 0x27cc MozillaMaintenance - ok
11:40:02.0090 0x27cc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
11:40:02.0105 0x27cc mpsdrv - ok
11:40:02.0136 0x27cc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
11:40:02.0168 0x27cc MpsSvc - ok
11:40:02.0168 0x27cc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
11:40:02.0183 0x27cc MRxDAV - ok
11:40:02.0199 0x27cc [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:40:02.0215 0x27cc mrxsmb - ok
11:40:02.0230 0x27cc [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:40:02.0246 0x27cc mrxsmb10 - ok
11:40:02.0261 0x27cc [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:40:02.0261 0x27cc mrxsmb20 - ok
11:40:02.0277 0x27cc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
11:40:02.0293 0x27cc MsBridge - ok
11:40:02.0293 0x27cc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:40:02.0308 0x27cc MSDTC - ok
11:40:02.0324 0x27cc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:40:02.0324 0x27cc Msfs - ok
11:40:02.0340 0x27cc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:40:02.0340 0x27cc msgpiowin32 - ok
11:40:02.0340 0x27cc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:40:02.0355 0x27cc mshidkmdf - ok
11:40:02.0355 0x27cc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
11:40:02.0371 0x27cc mshidumdf - ok
11:40:02.0371 0x27cc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
11:40:02.0386 0x27cc msisadrv - ok
11:40:02.0386 0x27cc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
11:40:02.0402 0x27cc MSiSCSI - ok
11:40:02.0418 0x27cc msiserver - ok
11:40:02.0418 0x27cc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:40:02.0433 0x27cc MSKSSRV - ok
11:40:02.0433 0x27cc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
11:40:02.0449 0x27cc MsLldp - ok
11:40:02.0449 0x27cc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:40:02.0465 0x27cc MSPCLOCK - ok
11:40:02.0465 0x27cc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:40:02.0480 0x27cc MSPQM - ok
11:40:02.0496 0x27cc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
11:40:02.0511 0x27cc MsRPC - ok
11:40:02.0511 0x27cc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
11:40:02.0527 0x27cc mssmbios - ok
11:40:02.0527 0x27cc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:40:02.0543 0x27cc MSTEE - ok
11:40:02.0543 0x27cc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
11:40:02.0558 0x27cc MTConfig - ok
11:40:02.0558 0x27cc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
11:40:02.0574 0x27cc Mup - ok
11:40:02.0574 0x27cc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
11:40:02.0590 0x27cc mvumis - ok
|
|
04.08.2015, 10:54
| #6 |
| | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 2. Teil TDSKiller Logfile: Code:
ATTFilter 11:40:02.0605 0x27cc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
11:40:02.0621 0x27cc napagent - ok
11:40:02.0636 0x27cc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:40:02.0668 0x27cc NativeWifiP - ok
11:40:02.0668 0x27cc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
11:40:02.0683 0x27cc NcaSvc - ok
11:40:02.0699 0x27cc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
11:40:02.0715 0x27cc NcbService - ok
11:40:02.0715 0x27cc [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
11:40:02.0730 0x27cc NcdAutoSetup - ok
11:40:02.0761 0x27cc [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
11:40:02.0808 0x27cc NDIS - ok
11:40:02.0808 0x27cc [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
11:40:02.0824 0x27cc NdisCap - ok
11:40:02.0824 0x27cc [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
11:40:02.0840 0x27cc NdisImPlatform - ok
11:40:02.0840 0x27cc [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:40:02.0855 0x27cc NdisTapi - ok
11:40:02.0855 0x27cc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:40:02.0871 0x27cc Ndisuio - ok
11:40:02.0886 0x27cc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
11:40:02.0886 0x27cc NdisVirtualBus - ok
11:40:02.0902 0x27cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:40:02.0918 0x27cc NdisWan - ok
11:40:02.0933 0x27cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:40:02.0949 0x27cc NdisWanLegacy - ok
11:40:02.0949 0x27cc [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:40:02.0965 0x27cc NDProxy - ok
11:40:02.0965 0x27cc [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
11:40:02.0980 0x27cc Ndu - ok
11:40:02.0996 0x27cc [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:40:02.0996 0x27cc NetBIOS - ok
11:40:03.0011 0x27cc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:40:03.0027 0x27cc NetBT - ok
11:40:03.0043 0x27cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
11:40:03.0043 0x27cc Netlogon - ok
11:40:03.0058 0x27cc [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
11:40:03.0074 0x27cc Netman - ok
11:40:03.0090 0x27cc [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
11:40:03.0105 0x27cc netprofm - ok
11:40:03.0121 0x27cc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:03.0136 0x27cc NetTcpPortSharing - ok
11:40:03.0152 0x27cc [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
11:40:03.0168 0x27cc netvsc - ok
11:40:03.0293 0x27cc [ 31D3E4959C410A7DEC2109CA8BF369AD, C62EFB02E950BCAC104051603DEDD9A497ED4FA81D3236008C15AFACE6CBE092 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\NETwbw02.sys
11:40:03.0433 0x27cc NETwNb64 - ok
11:40:03.0543 0x27cc [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew02.sys
11:40:03.0668 0x27cc NETwNe64 - ok
11:40:03.0683 0x27cc [ 16D554B750B93034A3D89EC07895E414, F3BB2CF8E0EA07D50C2E99221AF0B2A0BDB6D835C0249D479DE8AFD94ADED674 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
11:40:03.0699 0x27cc NitroDriverReadSpool8 - ok
11:40:03.0699 0x27cc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
11:40:03.0730 0x27cc NlaSvc - ok
11:40:03.0761 0x27cc [ 4EE0410161B7BE586302AFBEBBEB8AD6, A9A228C5B62D8DDC11F40FACB09540FE53D01F8882E7A4935152F60F04EA2DE3 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
11:40:03.0761 0x27cc nlsX86cc - ok
11:40:03.0761 0x27cc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:40:03.0777 0x27cc Npfs - ok
11:40:03.0793 0x27cc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
11:40:03.0793 0x27cc npsvctrig - ok
11:40:03.0808 0x27cc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
11:40:03.0824 0x27cc nsi - ok
11:40:03.0824 0x27cc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
11:40:03.0840 0x27cc nsiproxy - ok
11:40:03.0871 0x27cc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:40:03.0933 0x27cc Ntfs - ok
11:40:03.0949 0x27cc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
11:40:03.0965 0x27cc Null - ok
11:40:03.0965 0x27cc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
11:40:03.0980 0x27cc nvraid - ok
11:40:03.0996 0x27cc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
11:40:04.0011 0x27cc nvstor - ok
11:40:04.0011 0x27cc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
11:40:04.0027 0x27cc nv_agp - ok
11:40:04.0043 0x27cc [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:04.0043 0x27cc ose - ok
11:40:04.0058 0x27cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
11:40:04.0074 0x27cc p2pimsvc - ok
11:40:04.0090 0x27cc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
11:40:04.0121 0x27cc p2psvc - ok
11:40:04.0121 0x27cc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
11:40:04.0136 0x27cc Parport - ok
11:40:04.0152 0x27cc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
11:40:04.0152 0x27cc partmgr - ok
11:40:04.0168 0x27cc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
11:40:04.0199 0x27cc PcaSvc - ok
11:40:04.0215 0x27cc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
11:40:04.0230 0x27cc pci - ok
11:40:04.0230 0x27cc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
11:40:04.0246 0x27cc pciide - ok
11:40:04.0261 0x27cc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
11:40:04.0261 0x27cc pcmcia - ok
11:40:04.0277 0x27cc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
11:40:04.0277 0x27cc pcw - ok
11:40:04.0293 0x27cc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
11:40:04.0293 0x27cc pdc - ok
11:40:04.0308 0x27cc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
11:40:04.0340 0x27cc PEAUTH - ok
11:40:04.0355 0x27cc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
11:40:04.0355 0x27cc PerfHost - ok
11:40:04.0371 0x27cc [ A91278E963B3EAC251665B413BBCB33E, B2FF83E045B4883BBB6C6CAEC1038402D6A3766DF7CA2CD23A3DFD54B42559F0 ] PGService C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
11:40:04.0386 0x27cc PGService - ok
11:40:04.0402 0x27cc [ 3A6D56E0E072AB0F022FE03ED8C2693A, 8AA5823F68FEDEDB5E8916BD35832BC438A781142CF1672983D593B903083A68 ] PhoneCompanionPusher C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
11:40:04.0402 0x27cc PhoneCompanionPusher - ok
11:40:04.0418 0x27cc [ 0B2E100645AFAB3204313148DFE42322, C28FA6EF4FD8001E8F3367A7CB32E44F5D6A3E1EFBEC3C947A2FD3C3B0AF3568 ] PhoneCompanionVap C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe
11:40:04.0433 0x27cc PhoneCompanionVap - ok
11:40:04.0480 0x27cc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
11:40:04.0527 0x27cc pla - ok
11:40:04.0527 0x27cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
11:40:04.0543 0x27cc PlugPlay - ok
11:40:04.0543 0x27cc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
11:40:04.0558 0x27cc PNRPAutoReg - ok
11:40:04.0574 0x27cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
11:40:04.0590 0x27cc PNRPsvc - ok
11:40:04.0605 0x27cc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
11:40:04.0621 0x27cc PolicyAgent - ok
11:40:04.0636 0x27cc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
11:40:04.0652 0x27cc Power - ok
11:40:04.0746 0x27cc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:40:04.0824 0x27cc PrintNotify - ok
11:40:04.0840 0x27cc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
11:40:04.0855 0x27cc Processor - ok
11:40:04.0871 0x27cc [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
11:40:04.0886 0x27cc ProfSvc - ok
11:40:04.0886 0x27cc [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
11:40:04.0902 0x27cc Psched - ok
11:40:04.0918 0x27cc [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:40:04.0933 0x27cc QWAVE - ok
11:40:04.0933 0x27cc [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
11:40:04.0949 0x27cc QWAVEdrv - ok
11:40:04.0949 0x27cc [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:40:04.0965 0x27cc RasAcd - ok
11:40:04.0980 0x27cc [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:40:04.0996 0x27cc RasAuto - ok
11:40:05.0011 0x27cc [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:40:05.0027 0x27cc RasMan - ok
11:40:05.0043 0x27cc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:40:05.0058 0x27cc RasPppoe - ok
11:40:05.0058 0x27cc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:40:05.0090 0x27cc rdbss - ok
11:40:05.0090 0x27cc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
11:40:05.0105 0x27cc rdpbus - ok
11:40:05.0121 0x27cc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
11:40:05.0136 0x27cc RDPDR - ok
11:40:05.0136 0x27cc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:40:05.0152 0x27cc RdpVideoMiniport - ok
11:40:05.0168 0x27cc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
11:40:05.0183 0x27cc rdyboost - ok
11:40:05.0215 0x27cc [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
11:40:05.0246 0x27cc ReFS - ok
11:40:05.0261 0x27cc [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:40:05.0277 0x27cc RemoteAccess - ok
11:40:05.0293 0x27cc [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:40:05.0308 0x27cc RemoteRegistry - ok
11:40:05.0308 0x27cc [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
11:40:05.0324 0x27cc RFCOMM - ok
11:40:05.0340 0x27cc [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
11:40:05.0355 0x27cc RpcEptMapper - ok
11:40:05.0355 0x27cc [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
11:40:05.0371 0x27cc RpcLocator - ok
11:40:05.0386 0x27cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:40:05.0418 0x27cc RpcSs - ok
11:40:05.0418 0x27cc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:40:05.0433 0x27cc rspndr - ok
11:40:05.0449 0x27cc [ 9CF8593B62102545CB1652A1D8748FDD, 818639795720A7567CCE01EBC24A0119BFDCEA1B7A5ED4A11B5012D763C1B5CC ] RSUSBSTOR C:\WINDOWS\System32\Drivers\RtsUStor.sys
11:40:05.0465 0x27cc RSUSBSTOR - ok
11:40:05.0480 0x27cc [ 6CBF283C7EBD07B7BB01D3E33B11BB28, 90B7AF25EFDBC71FDDD48D668BF410DB828ABD512FC02146E76962A8FF053DE9 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
11:40:05.0496 0x27cc RtkAudioService - ok
11:40:05.0694 0x27cc [ 993E6A15FD3EAFC280B8EBB396FA31B2, F268BEE5FFA81A42314DEA4E209FA9D737E50EBE49F76C64B23554F90499A334 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
11:40:05.0910 0x27cc rtsuvc - ok
11:40:05.0925 0x27cc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
11:40:05.0941 0x27cc s3cap - ok
11:40:05.0941 0x27cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
11:40:05.0956 0x27cc SamSs - ok
11:40:05.0956 0x27cc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
11:40:05.0972 0x27cc sbp2port - ok
11:40:05.0988 0x27cc [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
11:40:06.0003 0x27cc SCardSvr - ok
11:40:06.0003 0x27cc [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
11:40:06.0019 0x27cc ScDeviceEnum - ok
11:40:06.0035 0x27cc [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:40:06.0035 0x27cc scfilter - ok
11:40:06.0066 0x27cc [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:40:06.0113 0x27cc Schedule - ok
11:40:06.0128 0x27cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
11:40:06.0128 0x27cc SCPolicySvc - ok
11:40:06.0144 0x27cc [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
11:40:06.0160 0x27cc sdbus - ok
11:40:06.0175 0x27cc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
11:40:06.0191 0x27cc sdstor - ok
11:40:06.0206 0x27cc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
11:40:06.0222 0x27cc secdrv - ok
11:40:06.0222 0x27cc [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
11:40:06.0238 0x27cc seclogon - ok
11:40:06.0238 0x27cc [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
11:40:06.0253 0x27cc SENS - ok
11:40:06.0269 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsHIDClassDriver C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:06.0285 0x27cc SensorsHIDClassDriver - ok
11:40:06.0285 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsServiceDriver C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:06.0300 0x27cc SensorsServiceDriver - ok
11:40:06.0316 0x27cc [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
11:40:06.0331 0x27cc SensrSvc - ok
11:40:06.0331 0x27cc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
11:40:06.0347 0x27cc SerCx - ok
11:40:06.0347 0x27cc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
11:40:06.0363 0x27cc SerCx2 - ok
11:40:06.0363 0x27cc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
11:40:06.0378 0x27cc Serenum - ok
11:40:06.0394 0x27cc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
11:40:06.0394 0x27cc Serial - ok
11:40:06.0410 0x27cc [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
11:40:06.0410 0x27cc sermouse - ok
11:40:06.0425 0x27cc [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
11:40:06.0456 0x27cc SessionEnv - ok
11:40:06.0456 0x27cc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
11:40:06.0472 0x27cc sfloppy - ok
11:40:06.0488 0x27cc [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:40:06.0503 0x27cc SharedAccess - ok
11:40:06.0519 0x27cc [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:40:06.0550 0x27cc ShellHWDetection - ok
11:40:06.0550 0x27cc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:40:06.0566 0x27cc SiSRaid2 - ok
11:40:06.0566 0x27cc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
11:40:06.0581 0x27cc SiSRaid4 - ok
11:40:06.0597 0x27cc [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:40:06.0613 0x27cc SkypeUpdate - ok
11:40:06.0613 0x27cc [ 7F7580EB77F2F95ED67C8046C69D1242, 81CF1A440EA40FCE6B28E275BEFB5C743F3473DCF05ACBE517ECD7E904DD0A1C ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
11:40:06.0628 0x27cc SmbDrvI - ok
11:40:06.0628 0x27cc [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
11:40:06.0644 0x27cc smphost - ok
11:40:06.0644 0x27cc [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:40:06.0660 0x27cc SNMPTRAP - ok
11:40:06.0675 0x27cc [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
11:40:06.0691 0x27cc spaceport - ok
11:40:06.0706 0x27cc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
11:40:06.0706 0x27cc SpbCx - ok
11:40:06.0738 0x27cc [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
11:40:06.0769 0x27cc Spooler - ok
11:40:06.0894 0x27cc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
11:40:07.0081 0x27cc sppsvc - ok
11:40:07.0097 0x27cc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:40:07.0113 0x27cc srv - ok
11:40:07.0144 0x27cc [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
11:40:07.0160 0x27cc srv2 - ok
11:40:07.0175 0x27cc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:40:07.0191 0x27cc srvnet - ok
11:40:07.0206 0x27cc [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:40:07.0222 0x27cc SSDPSRV - ok
11:40:07.0222 0x27cc [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
11:40:07.0238 0x27cc SstpSvc - ok
11:40:07.0253 0x27cc [ 0398BF35F898BA77033E678609AAB64F, E48D2E1E1C8FD314340BA1AA69E8942F630139B1E7019C8828BA5525444320D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:40:07.0285 0x27cc Steam Client Service - ok
11:40:07.0285 0x27cc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
11:40:07.0300 0x27cc stexstor - ok
11:40:07.0300 0x27cc [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
11:40:07.0316 0x27cc StillCam - ok
11:40:07.0331 0x27cc [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
11:40:07.0363 0x27cc stisvc - ok
11:40:07.0363 0x27cc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
11:40:07.0378 0x27cc storahci - ok
11:40:07.0394 0x27cc [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
11:40:07.0394 0x27cc storflt - ok
11:40:07.0410 0x27cc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
11:40:07.0410 0x27cc stornvme - ok
11:40:07.0425 0x27cc [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
11:40:07.0441 0x27cc StorSvc - ok
11:40:07.0441 0x27cc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
11:40:07.0441 0x27cc storvsc - ok
11:40:07.0456 0x27cc [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
11:40:07.0472 0x27cc svsvc - ok
11:40:07.0472 0x27cc [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
11:40:07.0488 0x27cc swenum - ok
11:40:07.0503 0x27cc [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
11:40:07.0535 0x27cc swprv - ok
11:40:07.0550 0x27cc [ F3FD427B1C036E060047B920887ACAE8, C5965F957D4D09FA5D579512251F14E7329B84C08B1A234636E750ED520AFF9E ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
11:40:07.0581 0x27cc SynTP - ok
11:40:07.0613 0x27cc [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\WINDOWS\system32\sysmain.dll
11:40:07.0644 0x27cc SysMain - ok
11:40:07.0660 0x27cc [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:40:07.0675 0x27cc SystemEventsBroker - ok
11:40:07.0691 0x27cc [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:40:07.0712 0x27cc TabletInputService - ok
11:40:07.0732 0x27cc [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:40:07.0754 0x27cc TapiSrv - ok
11:40:07.0801 0x27cc [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
11:40:07.0879 0x27cc Tcpip - ok
11:40:07.0926 0x27cc [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:40:08.0004 0x27cc TCPIP6 - ok
11:40:08.0004 0x27cc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
11:40:08.0020 0x27cc tcpipreg - ok
11:40:08.0035 0x27cc [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
11:40:08.0035 0x27cc tdx - ok
11:40:08.0051 0x27cc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
11:40:08.0051 0x27cc terminpt - ok
11:40:08.0082 0x27cc [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
11:40:08.0113 0x27cc TermService - ok
11:40:08.0129 0x27cc [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
11:40:08.0145 0x27cc Themes - ok
11:40:08.0145 0x27cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
11:40:08.0160 0x27cc THREADORDER - ok
11:40:08.0160 0x27cc [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
11:40:08.0192 0x27cc TimeBroker - ok
11:40:08.0192 0x27cc [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
11:40:08.0207 0x27cc TPM - ok
11:40:08.0223 0x27cc [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
11:40:08.0238 0x27cc TrkWks - ok
11:40:08.0238 0x27cc [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:40:08.0254 0x27cc TrustedInstaller - ok
11:40:08.0254 0x27cc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
11:40:08.0270 0x27cc TsUsbFlt - ok
11:40:08.0270 0x27cc [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:40:08.0285 0x27cc TsUsbGD - ok
11:40:08.0301 0x27cc [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
11:40:08.0317 0x27cc tunnel - ok
11:40:08.0317 0x27cc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
11:40:08.0332 0x27cc uagp35 - ok
11:40:08.0332 0x27cc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
11:40:08.0348 0x27cc UASPStor - ok
11:40:08.0363 0x27cc [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
11:40:08.0379 0x27cc UCX01000 - ok
11:40:08.0379 0x27cc [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
11:40:08.0395 0x27cc udfs - ok
11:40:08.0410 0x27cc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
11:40:08.0410 0x27cc UEFI - ok
11:40:08.0426 0x27cc [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
11:40:08.0442 0x27cc UI0Detect - ok
11:40:08.0442 0x27cc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
11:40:08.0457 0x27cc uliagpkx - ok
11:40:08.0457 0x27cc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
11:40:08.0473 0x27cc umbus - ok
11:40:08.0473 0x27cc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
11:40:08.0488 0x27cc UmPass - ok
11:40:08.0488 0x27cc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
11:40:08.0520 0x27cc UmRdpService - ok
11:40:08.0520 0x27cc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:40:08.0551 0x27cc upnphost - ok
11:40:08.0551 0x27cc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
11:40:08.0567 0x27cc usbccgp - ok
11:40:08.0582 0x27cc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
11:40:08.0598 0x27cc usbcir - ok
11:40:08.0598 0x27cc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
11:40:08.0613 0x27cc usbehci - ok
11:40:08.0629 0x27cc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
11:40:08.0660 0x27cc usbhub - ok
11:40:08.0676 0x27cc [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
11:40:08.0707 0x27cc USBHUB3 - ok
11:40:08.0707 0x27cc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
11:40:08.0723 0x27cc usbohci - ok
11:40:08.0723 0x27cc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
11:40:08.0739 0x27cc usbprint - ok
11:40:08.0754 0x27cc [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:40:08.0754 0x27cc usbscan - ok
11:40:08.0770 0x27cc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:40:08.0785 0x27cc USBSTOR - ok
11:40:08.0785 0x27cc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
11:40:08.0817 0x27cc usbuhci - ok
11:40:08.0817 0x27cc [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
11:40:08.0832 0x27cc usbvideo - ok
11:40:08.0848 0x27cc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:40:08.0864 0x27cc USBXHCI - ok
11:40:08.0879 0x27cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
11:40:08.0879 0x27cc VaultSvc - ok
11:40:08.0895 0x27cc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
11:40:08.0895 0x27cc vdrvroot - ok
11:40:08.0926 0x27cc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
11:40:08.0973 0x27cc vds - ok
11:40:08.0973 0x27cc [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
11:40:08.0989 0x27cc VeriFaceSrv - ok
11:40:08.0989 0x27cc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
11:40:09.0004 0x27cc VerifierExt - ok
11:40:09.0035 0x27cc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
11:40:09.0067 0x27cc vhdmp - ok
11:40:09.0067 0x27cc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
11:40:09.0082 0x27cc viaide - ok
11:40:09.0082 0x27cc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
11:40:09.0098 0x27cc vmbus - ok
11:40:09.0098 0x27cc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
11:40:09.0114 0x27cc VMBusHID - ok
11:40:09.0129 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
11:40:09.0145 0x27cc vmicguestinterface - ok
11:40:09.0160 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
11:40:09.0176 0x27cc vmicheartbeat - ok
11:40:09.0192 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:40:09.0223 0x27cc vmickvpexchange - ok
11:40:09.0223 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
11:40:09.0254 0x27cc vmicrdv - ok
11:40:09.0270 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
11:40:09.0285 0x27cc vmicshutdown - ok
11:40:09.0301 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
11:40:09.0317 0x27cc vmictimesync - ok
11:40:09.0332 0x27cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
11:40:09.0364 0x27cc vmicvss - ok
11:40:09.0364 0x27cc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
11:40:09.0379 0x27cc volmgr - ok
11:40:09.0395 0x27cc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
11:40:09.0410 0x27cc volmgrx - ok
11:40:09.0426 0x27cc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
11:40:09.0442 0x27cc volsnap - ok
11:40:09.0442 0x27cc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
11:40:09.0457 0x27cc vpci - ok
11:40:09.0473 0x27cc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
11:40:09.0473 0x27cc vsmraid - ok
11:40:09.0520 0x27cc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
11:40:09.0567 0x27cc VSS - ok
11:40:09.0582 0x27cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
11:40:09.0598 0x27cc VSTXRAID - ok
11:40:09.0598 0x27cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
11:40:09.0614 0x27cc vwifibus - ok
11:40:09.0629 0x27cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
11:40:09.0629 0x27cc vwififlt - ok
11:40:09.0645 0x27cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
11:40:09.0645 0x27cc vwifimp - ok
11:40:09.0660 0x27cc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
11:40:09.0692 0x27cc W32Time - ok
11:40:09.0692 0x27cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
11:40:09.0707 0x27cc WacomPen - ok
11:40:09.0739 0x27cc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
11:40:09.0801 0x27cc wbengine - ok
11:40:09.0817 0x27cc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
11:40:09.0832 0x27cc WbioSrvc - ok
11:40:09.0848 0x27cc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
11:40:09.0864 0x27cc Wcmsvc - ok
11:40:09.0879 0x27cc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
11:40:09.0910 0x27cc wcncsvc - ok
11:40:09.0910 0x27cc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:40:09.0926 0x27cc WcsPlugInService - ok
11:40:09.0926 0x27cc [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
11:40:09.0942 0x27cc WdBoot - ok
11:40:09.0957 0x27cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
11:40:09.0989 0x27cc Wdf01000 - ok
11:40:10.0004 0x27cc [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
11:40:10.0020 0x27cc WdFilter - ok
11:40:10.0020 0x27cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
11:40:10.0035 0x27cc WdiServiceHost - ok
11:40:10.0051 0x27cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
11:40:10.0067 0x27cc WdiSystemHost - ok
11:40:10.0067 0x27cc [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
11:40:10.0082 0x27cc WdNisDrv - ok
11:40:10.0082 0x27cc WdNisSvc - ok
11:40:10.0098 0x27cc [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:40:10.0114 0x27cc WebClient - ok
11:40:10.0129 0x27cc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
11:40:10.0145 0x27cc Wecsvc - ok
11:40:10.0145 0x27cc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
11:40:10.0160 0x27cc WEPHOSTSVC - ok
11:40:10.0160 0x27cc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
11:40:10.0192 0x27cc wercplsupport - ok
11:40:10.0192 0x27cc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
11:40:10.0207 0x27cc WerSvc - ok
11:40:10.0223 0x27cc [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
11:40:10.0239 0x27cc WFPLWFS - ok
11:40:10.0254 0x27cc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
11:40:10.0270 0x27cc WiaRpc - ok
11:40:10.0285 0x27cc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
11:40:10.0301 0x27cc WIMMount - ok
11:40:10.0301 0x27cc WinDefend - ok
11:40:10.0332 0x27cc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:40:10.0379 0x27cc WinHttpAutoProxySvc - ok
11:40:10.0379 0x27cc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:40:10.0410 0x27cc Winmgmt - ok
11:40:10.0473 0x27cc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:40:10.0551 0x27cc WinRM - ok
11:40:10.0567 0x27cc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
11:40:10.0582 0x27cc WinUsb - ok
11:40:10.0614 0x27cc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
11:40:10.0660 0x27cc WlanSvc - ok
11:40:10.0713 0x27cc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
11:40:10.0755 0x27cc wlidsvc - ok
11:40:10.0755 0x27cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
11:40:10.0771 0x27cc WmiAcpi - ok
11:40:10.0786 0x27cc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:40:10.0802 0x27cc wmiApSrv - ok
11:40:10.0802 0x27cc WMPNetworkSvc - ok
11:40:10.0802 0x27cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
11:40:10.0818 0x27cc Wof - ok
11:40:10.0865 0x27cc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
11:40:10.0911 0x27cc workfolderssvc - ok
11:40:10.0911 0x27cc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:40:10.0927 0x27cc wpcfltr - ok
11:40:10.0927 0x27cc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
11:40:10.0943 0x27cc WPCSvc - ok
11:40:10.0958 0x27cc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
11:40:10.0974 0x27cc WPDBusEnum - ok
11:40:10.0974 0x27cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:40:10.0990 0x27cc WpdUpFltr - ok
11:40:10.0990 0x27cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:40:11.0005 0x27cc ws2ifsl - ok
11:40:11.0005 0x27cc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
11:40:11.0021 0x27cc wscsvc - ok
11:40:11.0036 0x27cc [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
11:40:11.0036 0x27cc WSDPrintDevice - ok
11:40:11.0052 0x27cc [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
11:40:11.0052 0x27cc WSDScan - ok
11:40:11.0068 0x27cc WSearch - ok
11:40:11.0130 0x27cc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
11:40:11.0240 0x27cc WSService - ok
11:40:11.0255 0x27cc [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
11:40:11.0271 0x27cc wsvd - ok
11:40:11.0349 0x27cc [ 50CEC061C6D6FD2B9C89BECD08991CCB, 31EB1601426223E712C4E4AA29410EDFC81E020996A402BD3E850A2EAF127286 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
11:40:11.0443 0x27cc wuauserv - ok
11:40:11.0443 0x27cc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
11:40:11.0458 0x27cc WudfPf - ok
11:40:11.0474 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:11.0474 0x27cc WUDFRd - ok
11:40:11.0490 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:11.0505 0x27cc WUDFSensorLP - ok
11:40:11.0505 0x27cc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
11:40:11.0521 0x27cc wudfsvc - ok
11:40:11.0521 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:11.0536 0x27cc WUDFWpdFs - ok
11:40:11.0552 0x27cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
11:40:11.0552 0x27cc WUDFWpdMtp - ok
11:40:11.0568 0x27cc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
11:40:11.0599 0x27cc WwanSvc - ok
11:40:11.0599 0x27cc [ 17BFB2EE1B300127071ED386E9B8F47D, E485768AD6B356DAF565A958BB8E4DCFD6C2BF69D7938EFE065A99E81993F36F ] ymc C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
11:40:11.0615 0x27cc ymc - ok
11:40:11.0615 0x27cc [ D4518D2080B3D29FCCDFAEC61529F537, 4941F4835283BD7F7A66F7C19501D7A6BB38C54C90EF59437681D7F02AAA385D ] YogaPicks.AppService C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
11:40:11.0630 0x27cc YogaPicks.AppService - ok
11:40:11.0630 0x27cc ================ Scan global ===============================
11:40:11.0630 0x27cc [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
11:40:11.0646 0x27cc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
11:40:11.0661 0x27cc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
11:40:11.0677 0x27cc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
11:40:11.0693 0x27cc [ Global ] - ok
11:40:11.0693 0x27cc ================ Scan MBR ==================================
11:40:11.0693 0x27cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:40:11.0786 0x27cc \Device\Harddisk0\DR0 - ok
11:40:11.0786 0x27cc ================ Scan VBR ==================================
11:40:11.0786 0x27cc [ B36250C050324B1B57DE501F03D8ADB7 ] \Device\Harddisk0\DR0\Partition1
11:40:11.0786 0x27cc \Device\Harddisk0\DR0\Partition1 - ok
11:40:11.0786 0x27cc [ 7095662C27BCF1E6213084A20A20715B ] \Device\Harddisk0\DR0\Partition2
11:40:11.0802 0x27cc \Device\Harddisk0\DR0\Partition2 - ok
11:40:11.0802 0x27cc [ 8191D0EE69DB449C3A2B7D8E50DEEFA7 ] \Device\Harddisk0\DR0\Partition3
11:40:11.0802 0x27cc \Device\Harddisk0\DR0\Partition3 - ok
11:40:11.0802 0x27cc [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
11:40:11.0802 0x27cc \Device\Harddisk0\DR0\Partition4 - ok
11:40:11.0802 0x27cc [ 26B93C55982EC760D34F336A8E16D1E1 ] \Device\Harddisk0\DR0\Partition5
11:40:11.0802 0x27cc \Device\Harddisk0\DR0\Partition5 - ok
11:40:11.0802 0x27cc [ FED7EFADADA4E1661C5B90AAD290A6A4 ] \Device\Harddisk0\DR0\Partition6
11:40:11.0802 0x27cc \Device\Harddisk0\DR0\Partition6 - ok
11:40:11.0818 0x27cc [ 972023E13D68A6A905A596DD925C2218 ] \Device\Harddisk0\DR0\Partition7
11:40:11.0818 0x27cc \Device\Harddisk0\DR0\Partition7 - ok
11:40:11.0818 0x27cc ================ Scan generic autorun ======================
11:40:12.0224 0x27cc [ 2A7EAF9A5DCC6DF4DFA1162AE69A2AA7, DA2BEC60E08748774B38B727FF83850B64F8C39A17FD7559EE8318683C2E672E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:40:12.0474 0x27cc RtHDVCpl - ok
11:40:12.0536 0x27cc [ 2BFBD5FB7B6EFFF59AD79BB8A8796926, BBD0BC11B9BAA0691BAAE7C7960F51183A6D5ACD322B7092E436900FA495FBDB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:40:12.0568 0x27cc RtHDVBg_Dolby - ok
11:40:12.0583 0x27cc [ E50C263D8AB38DBD77D11263C8151708, 71ACC055C9D12BD6470DBF0C5E2D60DBE625565D729080EB59114979599A0CAF ] C:\WINDOWS\system32\igfxtray.exe
11:40:12.0599 0x27cc IgfxTray - ok
11:40:12.0630 0x27cc [ FADB06BC300A16A112D3B3949C2614D3, 13ECA5CC382148B8F5BF5F9208B449913E5A23BA95ED23FAB573C31A3AE95414 ] C:\WINDOWS\system32\hkcmd.exe
11:40:12.0646 0x27cc HotKeysCmds - ok
11:40:12.0661 0x27cc [ 293F44F1834FE2F7A99D746424167CA7, DBFDAE61824068DA23DDBD14B82E7B5D77E812A90BA60621C134ACB15AC6F5DA ] C:\WINDOWS\system32\igfxpers.exe
11:40:12.0693 0x27cc Persistence - ok
11:40:12.0693 0x27cc [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:40:12.0693 0x27cc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:40:14.0995 0x27cc Detect skipped due to KSN trusted
11:40:14.0995 0x27cc IAStorIcon - ok
11:40:15.0011 0x27cc [ 92BED6F62FBAC9E327A3BF599CE9AB32, 6ED9BB1B97AB0BDC64CE07FB8757651A83C918320320B84AB823933B8ACFDEB6 ] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
11:40:15.0042 0x27cc DptfPolicyLpmServiceHelper - ok
11:40:15.0230 0x27cc [ 6546BB9B4B32BE17C66479EBCF6F34BF, 79FF9DD229C8218499FE10ECE258CCAFF3FF258790840769948E4D05B017E9B8 ] C:\WINDOWS\RTFTrack.exe
11:40:15.0355 0x27cc RtsFT - ok
11:40:15.0355 0x27cc SynTPEnh - ok
11:40:15.0355 0x27cc BTMTrayAgent - ok
11:40:15.0386 0x27cc [ 5689BB0DB40DC712CC87A4F27925F939, 57164AEC7101BBB1E1321B1BD8CF91453F4A9AC549851885087B42E23D777DB2 ] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
11:40:15.0433 0x27cc Yoga PhoneCompanion - ok
11:40:15.0449 0x27cc [ 7ECEA25EAF0AE3333FF5B4449FBDB6D4, 2C35D9F85A968F4305B945D66B234955BA7F9D4A8FCBEAF085313E3413CC1C0F ] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
11:40:15.0449 0x27cc AutoStartTransition - ok
11:40:15.0464 0x27cc Energy Manager - ok
11:40:15.0464 0x27cc [ ACFA436C851BC9204A6E2B8EBC8B888D, F895E7A77C2C04E61FD8D09909E08172FFEBF039D6DCF7C3D84FF1992D5FFFD3 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
11:40:15.0480 0x27cc Lenovo Utility - ok
11:40:15.0480 0x27cc [ 58D4F708D35E07139D62F32A31FAE7AE, 45C6E4ED441B655BB0185689CEB57EFCFF0F00970C074534BC05A4B43448F17F ] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
11:40:15.0495 0x27cc Yoga Picks - ok
11:40:15.0605 0x27cc [ 799450710D1B09FAF0D220B4DA3BF431, EE77DE14BC91D9A26D08AF4507071BB13F9D7F835AE6616B7D313F4FAF877793 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
11:40:15.0730 0x27cc AvastUI.exe - ok
11:40:15.0745 0x27cc [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
11:40:15.0761 0x27cc HP Software Update - ok
11:40:15.0808 0x27cc [ 38FFE94BC02E5E7525AEB654CF7A4F55, 426D35DC84B59ECECCFC21ACA74A3A11682BC95232939A5EFFECFCC8FE492A70 ] C:\Program Files (x86)\Steam\steam.exe
11:40:15.0870 0x27cc Steam - ok
11:40:16.0027 0x27cc [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
11:40:16.0195 0x27cc CCleaner Monitoring - ok
11:40:16.0248 0x27cc [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
11:40:16.0310 0x27cc HP Deskjet 3520 series (NET) - ok
11:40:16.0310 0x27cc Waiting for KSN requests completion. In queue: 121
11:40:17.0326 0x27cc Waiting for KSN requests completion. In queue: 121
11:40:18.0332 0x27cc Waiting for KSN requests completion. In queue: 121
11:40:19.0379 0x27cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
11:40:19.0394 0x27cc AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
11:40:19.0441 0x27cc Win FW state via NFP2: enabled ( trusted )
11:40:21.0802 0x27cc ============================================================
11:40:21.0802 0x27cc Scan finished
11:40:21.0802 0x27cc ============================================================
11:40:21.0818 0x18f4 Detected object count: 0
11:40:21.0818 0x18f4 Actual detected object count: 0
|
|
04.08.2015, 15:31
| #7 |
| /// the machine /// TB-Ausbilder | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 hi, ESET Online Scanner
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.08.2015, 17:16
| #8 |
| | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Hi, vielen Dank für deine Hilfe. Hier das Logfile von Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1810b58c248fa348b6188ec2bbf7fd37
# end=init
# utc_time=2015-08-04 03:22:24
# local_time=2015-08-04 05:22:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25118
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1810b58c248fa348b6188ec2bbf7fd37
# end=updated
# utc_time=2015-08-04 03:25:08
# local_time=2015-08-04 05:25:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1810b58c248fa348b6188ec2bbf7fd37
# engine=25118
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-04 04:07:58
# local_time=2015-08-04 06:07:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 698337 15130790 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1276439 15786870 0 0
# scanned=349075
# found=9
# cleaned=0
# scan_time=2567
sh=FF6FD97BCC603890C9BDFFEBE992A8B95D4F2686 ft=1 fh=6c2a9be43d49c952 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\AppData\Local\Temp\DMR\dmr_72.exe"
sh=0DC85FF2B7234DAF6E9702CEC0E5E592C1AEA84D ft=1 fh=4dc8ff811c4f80fc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\Audiograbber - CHIP-Installer.exe"
sh=7DDC48DE088F19B42202DA268E8444A296921BFD ft=1 fh=893536079bf353a7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\Inkscape - CHIP-Installer.exe"
sh=49F38D3A87A99E66B4C77F1F1E765027AD8C7751 ft=1 fh=d1e6878ec9b91def vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=EE32EB1E011779125B954353F24945DC2DF71F43 ft=1 fh=8ca199b3c81066dc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\No23 Recorder - CHIP-Installer.exe"
sh=D42E5DAB94C8CBFE85652874DACC25AB5628AAB7 ft=1 fh=a568c4bbfe1e79e0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\Opera - CHIP-Installer.exe"
sh=FAD97B114CA4B245E6AA2F421998996C37B23CD6 ft=1 fh=d3b6a96277b7ea43 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\PowerPoint Viewer - CHIP-Installer.exe"
sh=279B54F05A7A6E0B94B5FB9FA9A613A0952049AE ft=1 fh=a4811b95d7e555ff vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\TestDisk PhotoRec - CHIP-Installer.exe"
sh=F64C707F7B7FBC7ED9F024BB1EB4755C51615E89 ft=1 fh=71143ac73e89e1ea vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marius\Downloads\Texmaker - CHIP-Installer.exe"
|
|
05.08.2015, 08:07
| #9 |
| /// the machine /// TB-Ausbilder | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Marius\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Marius\Downloads\Audiograbber - CHIP-Installer.exe
C:\Users\Marius\Downloads\Inkscape - CHIP-Installer.exe
C:\Users\Marius\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\Marius\Downloads\No23 Recorder - CHIP-Installer.exe
C:\Users\Marius\Downloads\Opera - CHIP-Installer.exe
C:\Users\Marius\Downloads\PowerPoint Viewer - CHIP-Installer.exe
C:\Users\Marius\Downloads\TestDisk PhotoRec - CHIP-Installer.exe
C:\Users\Marius\Downloads\Texmaker - CHIP-Installer.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloadverhalten überdenken: CHIP-Installer - was ist das? - Anleitungen Ansonsten seh ich da nix, keine Ahnung was Avira da anmeckert.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.08.2015, 13:35
| #10 |
| | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 Okay, vielen Dank für deine Unterstützung.. Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Marius (2015-08-05 14:29:05) Run:1
Gestartet von C:\Users\Marius\Desktop\TrojanerBoard
Geladene Profile: Marius (Verfügbare Profile: Marius)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Marius\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Marius\Downloads\Audiograbber - CHIP-Installer.exe
C:\Users\Marius\Downloads\Inkscape - CHIP-Installer.exe
C:\Users\Marius\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\Marius\Downloads\No23 Recorder - CHIP-Installer.exe
C:\Users\Marius\Downloads\Opera - CHIP-Installer.exe
C:\Users\Marius\Downloads\PowerPoint Viewer - CHIP-Installer.exe
C:\Users\Marius\Downloads\TestDisk PhotoRec - CHIP-Installer.exe
C:\Users\Marius\Downloads\Texmaker - CHIP-Installer.exe
*****************
C:\Users\Marius\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\Audiograbber - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\Inkscape - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\No23 Recorder - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\Opera - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\PowerPoint Viewer - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\TestDisk PhotoRec - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Marius\Downloads\Texmaker - CHIP-Installer.exe => erfolgreich verschoben.
==== Ende von Fixlog 14:29:08 ====
|
|
06.08.2015, 05:41
| #11 |
| /// the machine /// TB-Ausbilder | Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 gerne 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1, Avira EU-Cleaner findet TR/Trustezeb.86528 |
| 1und1, abgesicherten, anderen, anti-malware, auslastung, avira, benachrichtigung, browser, c:\windows, config, datei, firefox, fund, gmer, logfile, malwarebytes, meldet, missbraucht, modus, namen, neu, prozess, system, system32, windows |
Linear-Darstellung
