Log analysis and evaluation: Telekom abuse report Bedep
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
20.11.2015, 18:53 | #1 |
Telekom abuse report Bedep

Hello, I received an email from Telekom pointing to a Bedep infection. However, I cannot clearly attribute it to one computer, since 3 Windows computers are running on the network. None of them shows symptoms that would indicate remote control, so I am posting an FRST log file. Thanks in advance for the help.

FRST.txt:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015 durchgeführt von Armin (Administrator) auf INTELI7-2600 (20-11-2015 18:22:44) Gestartet von C:\Users\Armin\Desktop\trojaner-board Geladene Profile: Armin & UpdatusUser (Verfügbare Profile: Armin & Karin & Sandra & UpdatusUser & DefaultAppPool) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe (DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (TerraTec Electronic GmbH) C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (Dropbox, Inc.) C:\Users\Armin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\NetBak\NetBak.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) 
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AtherosBtStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2750536 2013-11-11] (CANON INC.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8529152 2015-09-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411840 2015-09-26] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) 
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2011-12-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QNAP_NASNetBak] => C:\Program Files (x86)\QNAP\NetBak\NetBak.exe [720896 2009-07-10] (QNAP Systems, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298504 2014-11-08] (CANON INC.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1836544 2014-08-19] (TerraTec Electronic GmbH) HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\Run: [Dropbox Update] => C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-09] (Dropbox, Inc.) HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2964241097-260066582-1381924632-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [185616 2015-08-28] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11] ShortcutTarget: Dropbox.lnk -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{79ebfa51-b863-45b8-8394-679f9f27fb61}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{b6ebc147-006c-4364-b377-c57cd8f7844f}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-2964241097-260066582-1381924632-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2964241097-260066582-1381924632-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-2964241097-260066582-1381924632-1000 -> DefaultScope {AC12E8A8-4509-41AD-BB61-11FA47893A72} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2964241097-260066582-1381924632-1000 -> {8634440F-C46D-4A6B-BA98-54378825790A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=38a861ea-c40e-40cb-a308-1ad353b27ccf&apn_sauid=61CBB3D3-B99C-4779-AB7A-4B031F35D3D2 SearchScopes: HKU\S-1-5-21-2964241097-260066582-1381924632-1000 -> {AC12E8A8-4509-41AD-BB61-11FA47893A72} URL = hxxp://www.google.de/search?q={searchTerms} BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-26] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-26] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) 
Toolbar: HKU\S-1-5-21-2964241097-260066582-1381924632-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-720720720720} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\Armin\AppData\Roaming\Mozilla\Firefox\Profiles\alije5x5.default FF SearchEngineOrder.1: Ask.com FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-25] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-25] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-26] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Armin\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-03-05] (Cisco WebEx LLC) FF Extension: Avira Browser Safety - C:\Users\Armin\AppData\Roaming\Mozilla\Firefox\Profiles\alije5x5.default\Extensions\abs@avira.com [2015-10-23] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2011-12-09] (Adobe Systems Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-25] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-09-02] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) 
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [227472 2015-09-26] (DTS) R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems GmbH) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [Datei ist nicht signiert] R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-26] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-26] (Microsoft Corporation) S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-26] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-26] (Microsoft Corporation) R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-09-26] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-26] (Avira Operations GmbH & Co. 
KG) R3 EyeTV_Sat_Free; C:\Windows\system32\DRIVERS\EyeTV_Sat_Free.sys [165616 2012-08-20] (Elgato Systems GmbH) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-26] (Microsoft Corporation) S0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [86016 2006-11-14] (Marvell Semiconductor, Inc.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek ) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2011-02-16] (Western Digital Technologies) [Datei ist nicht signiert] S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-20 18:22 - 2015-11-20 18:22 - 00000000 ____D C:\FRST 2015-11-20 18:21 - 2015-11-20 18:21 - 00000000 _____ C:\Users\Armin\defogger_reenable 2015-11-20 18:19 - 2015-11-20 18:22 - 00000000 ____D C:\Users\Armin\Desktop\trojaner-board 2015-11-20 18:18 - 2015-11-20 18:18 - 00016148 _____ C:\WINDOWS\system32\INTELI7-2600_Armin_HistoryPrediction.bin 2015-11-20 16:25 - 2015-11-20 16:25 - 00000000 ___HD C:\$WINDOWS.~BT 2015-11-18 21:09 - 2015-11-18 21:09 - 00000000 ____D C:\Users\Armin\AppData\Local\{DBCC848C-E1EB-4EF1-80AF-CDBA84FDF00F} 2015-11-17 15:00 - 2015-11-17 15:00 - 00000000 ____D C:\Users\Armin\AppData\Local\{9A68236B-59C0-4417-B55D-69FDDE11AE9C} 2015-11-16 20:44 - 2015-11-16 20:44 - 00000000 ____D C:\Users\Armin\AppData\Local\{531A0EB4-FC98-4C74-B05F-81DFCAB87A9E} 2015-11-15 10:01 - 2015-11-15 10:01 - 00000000 ____D C:\Users\Armin\AppData\Local\{C06686E4-4FA9-4E0D-B80B-5F5C2FDC0617} 2015-11-14 16:58 - 2015-11-14 16:58 - 00000000 ____D C:\Users\Armin\AppData\Local\{FB40470C-9199-41FD-865C-9FED327E55B5} 2015-11-13 22:49 - 2015-11-13 22:50 - 00000000 ____D C:\Users\Armin\AppData\Local\{42B9BBFA-D41C-490C-B4D7-0A7637FF1AEE} 2015-11-12 20:52 - 2015-11-12 20:52 - 00000000 ____D C:\Users\Armin\AppData\Local\CEF 2015-11-12 20:51 - 2015-11-16 02:15 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-12 20:22 - 2015-11-12 20:22 - 00000000 ____D C:\Users\Armin\AppData\Local\{3849C43E-4BFE-4CD7-A76D-A4DD675058D0} 2015-11-11 20:11 - 2015-11-11 20:11 - 00000000 ____D C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-10 22:25 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-11-10 22:25 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-11-10 22:25 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-11-10 22:25 - 2015-11-05 04:59 - 
02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-11-10 22:25 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-11-10 22:25 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-11-10 22:25 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-10 22:24 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-10 22:24 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-11-10 22:24 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-11-10 22:24 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-10 22:24 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-11-10 22:24 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-10 22:24 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-11-10 22:24 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-11-10 22:24 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-11-10 22:24 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-10 22:24 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-11-10 22:24 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-10 22:24 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-10 22:24 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-10 22:24 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-11-10 22:24 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-10 22:24 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-10 22:24 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-11-10 22:24 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2015-11-10 22:24 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-11-10 22:24 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-10 22:24 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-11-10 22:24 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-11-10 22:24 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-11-10 22:24 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-10 22:24 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-10 22:24 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-11-10 22:24 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-10 22:24 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-11-10 22:24 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-11-10 22:24 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-11-10 22:24 - 2015-11-05 04:58 - 01383936 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-11-10 22:24 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-11-10 22:24 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-11-10 22:24 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-11-10 22:24 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-10 22:24 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-10 22:24 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-10 22:24 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-10 22:24 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-10 22:24 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-10 22:24 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-10 22:24 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-10 22:24 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-10 22:24 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-10 22:24 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-10 21:14 - 2015-11-10 21:14 - 00000000 ____D C:\Users\Armin\AppData\Local\{B7C082A3-2418-4FA8-B937-8DEBD68A0788} 2015-11-09 20:11 - 2015-11-09 20:11 - 00000000 ____D C:\Users\Armin\AppData\Local\{40FBB38B-05E5-4479-BD14-DD0E6942A44F} 2015-11-08 21:14 - 2015-11-08 21:14 - 00000000 ____D C:\Users\Armin\AppData\Local\{4F981116-34D4-4262-9BB1-64704A696A59} 
2015-11-08 16:52 - 2015-11-08 16:52 - 00000000 ____D C:\Users\Armin\AppData\Local\{9A7E2FAF-1E42-4902-B5C9-59B9B5339268} 2015-11-06 18:23 - 2015-11-06 18:24 - 00000000 ____D C:\Users\Armin\AppData\Local\{D959751A-0E2A-4DD9-BDD1-46FF85401521} 2015-11-05 20:46 - 2015-11-05 20:46 - 00000000 ____D C:\Users\Armin\AppData\Local\{B087318B-4842-4285-908D-794296199AF8} 2015-11-04 21:35 - 2015-11-11 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-04 19:27 - 2015-11-04 19:27 - 00000000 ____D C:\Users\Armin\AppData\Local\{1D6F2F03-40B6-45A9-9E6B-E7B917E122B1} 2015-11-03 21:32 - 2015-11-03 21:32 - 00000000 ____D C:\Users\Armin\AppData\Local\{71A82273-970B-46A3-9633-339D4F4979B4} 2015-11-02 19:38 - 2015-11-02 19:39 - 00000000 ____D C:\Users\Armin\AppData\Local\{B96971CB-C979-466F-BFFF-DE75C5BF31B2} 2015-11-01 16:35 - 2015-11-01 16:35 - 00000000 ____D C:\Users\Armin\AppData\Local\{A1A4D266-39CF-4EC7-9339-EE12506B44FF} 2015-11-01 09:11 - 2015-11-01 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-11-01 09:11 - 2015-11-01 09:11 - 00000000 ____D C:\Program Files\iTunes 2015-11-01 09:11 - 2015-11-01 09:11 - 00000000 ____D C:\Program Files\iPod 2015-11-01 09:11 - 2015-11-01 09:11 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-31 16:08 - 2015-10-31 16:08 - 00000000 ____D C:\Users\Armin\AppData\Local\{D77528C3-FF9C-423C-A335-6330BAE1DC39} 2015-10-30 19:13 - 2015-10-30 19:13 - 00000000 ____D C:\Users\Armin\AppData\Local\{99BE22C8-C93C-42BD-8D7A-A97A846BB1AE} 2015-10-29 17:36 - 2015-10-29 17:36 - 00000000 ____D C:\Users\Armin\AppData\Local\{89A51C37-EE2F-4B3B-AFED-A8E18BEFDCAB} 2015-10-28 19:10 - 2015-10-28 19:11 - 00000000 ____D C:\Users\Armin\AppData\Local\{45CE76DB-C82D-4311-A1AF-11BC6EF0AB6E} 2015-10-27 20:20 - 2015-10-27 20:20 - 00000000 ____D C:\Users\Armin\AppData\Local\{B5A3071E-503B-438C-A420-84B6BD183611} 2015-10-26 20:22 - 2015-10-26 20:22 - 00000000 ____D 
C:\Users\Armin\AppData\Local\{B299C4A0-8D48-4C1E-A5A3-D21BCD854E33} 2015-10-25 22:09 - 2015-10-25 22:10 - 00000000 ____D C:\Users\Armin\AppData\Local\{0290D2E7-B246-4066-BE9D-02674B246B9F} 2015-10-24 16:53 - 2015-10-24 16:53 - 00000000 ____D C:\Users\Armin\AppData\Local\{D675F6A0-2688-4295-859C-E5A192826E38} 2015-10-23 19:59 - 2015-10-23 19:59 - 00000743 _____ C:\Users\Armin\Documents\Daten1.lnk 2015-10-23 16:35 - 2015-10-23 16:35 - 00000000 ____D C:\Users\Armin\AppData\Local\{B6BB9CDC-32CF-4EE3-A045-3F564721A8CF} 2015-10-22 18:59 - 2015-10-22 18:59 - 00000000 ____D C:\Users\Armin\AppData\Local\{C1D57CCB-A036-43B2-B12B-A56F825634D4} 2015-10-21 18:48 - 2015-10-21 18:48 - 00000000 ____D C:\Users\Armin\AppData\Local\{D2DA5126-24C7-44D4-8BB7-855097CB8CDE} ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-20 18:21 - 2015-09-26 08:25 - 00000000 ____D C:\Users\Armin 2015-11-20 18:19 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-11-20 18:19 - 2015-07-30 22:50 - 00029718 _____ C:\WINDOWS\setupact.log 2015-11-20 18:14 - 2012-08-29 20:37 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-20 17:42 - 2015-06-18 17:30 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000UA.job 2015-11-20 17:15 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-20 16:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache 2015-11-20 16:28 - 2015-09-26 09:22 - 00000000 ___DC C:\WINDOWS\Panther 2015-11-20 16:17 - 2015-09-26 08:25 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-20 16:17 - 2015-09-10 06:10 - 00883584 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-20 16:17 - 2015-09-10 06:10 - 00195718 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-20 16:15 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-20 16:15 - 2012-08-29 20:37 - 
00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-20 16:15 - 2011-11-25 18:13 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-18 21:04 - 2012-03-03 12:31 - 00000000 ___RD C:\Users\Armin\Dropbox 2015-11-18 21:04 - 2012-03-03 12:29 - 00000000 ____D C:\Users\Armin\AppData\Roaming\Dropbox 2015-11-18 21:01 - 2015-09-26 08:24 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-18 21:01 - 2015-09-09 21:33 - 00009306 _____ C:\WINDOWS\PFRO.log 2015-11-18 21:01 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-18 21:00 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-11-18 21:00 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-18 20:59 - 2015-09-26 11:27 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{546F33C2-C140-4167-9D20-1B47F0EF804E} 2015-11-17 18:42 - 2015-06-18 17:30 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000Core.job 2015-11-16 22:00 - 2012-05-16 21:40 - 00000000 ____D C:\Users\Armin\AppData\Roaming\vlc 2015-11-12 20:52 - 2014-08-17 15:19 - 00000000 ____D C:\Users\Armin\AppData\Local\Adobe 2015-11-12 20:51 - 2015-06-04 21:26 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-11-12 20:51 - 2011-12-08 19:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-12 20:02 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-11-12 20:02 - 2011-12-08 20:46 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 19:57 - 2013-08-25 23:07 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-12 19:55 - 2011-11-25 18:42 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-11 19:51 - 2012-06-26 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-10 21:02 - 2014-08-14 18:50 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-10 21:02 - 2013-08-05 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 
2015-11-09 18:48 - 2011-12-29 18:48 - 00000000 ____D C:\Users\Armin\AppData\Roaming\NetBak 2015-11-04 21:32 - 2015-09-26 11:04 - 00002404 _____ C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-04 21:32 - 2015-09-26 11:04 - 00000000 ___RD C:\Users\Armin\OneDrive 2015-11-04 21:32 - 2012-02-08 21:27 - 00000000 ____D C:\Users\Armin\Downloads\xxx 2015-11-03 19:20 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-11-03 19:20 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-01 09:10 - 2012-02-17 19:37 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-31 21:45 - 2015-07-10 04:24 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2015-10-31 21:45 - 2015-07-10 04:24 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2015-10-31 21:45 - 2015-07-10 04:24 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2015-10-31 21:45 - 2015-07-10 04:24 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2015-10-31 21:45 - 2015-07-10 04:14 - 00027648 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\dpnsvr.exe 2015-10-31 21:45 - 2015-07-10 04:14 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2015-10-31 21:45 - 2015-07-10 04:14 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2015-10-31 21:45 - 2015-07-10 04:13 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2015-10-31 21:45 - 2015-07-10 04:12 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2015-10-31 21:45 - 2015-07-10 04:12 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2015-10-31 21:45 - 2015-07-10 04:12 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2015-10-29 17:24 - 2015-09-26 09:21 - 00000000 ____D C:\Windows.old ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-12-08 21:17 - 2014-10-09 17:00 - 0007608 _____ () C:\Users\Armin\AppData\Local\resmon.resmoncfg 2015-09-26 12:15 - 2015-09-26 12:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Armin\AppData\Local\Temp\avgnt.exe C:\Users\Armin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw2pcjp.dll C:\Users\Armin\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Armin\AppData\Local\Temp\{381EBF56-9D8D-449B-AE39-CB8F987798F8}-DropboxClient_3.10.11.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-20 16:25
==================== Ende von FRST.txt ============================

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Armin (2015-11-20 18:23:09)
Gestartet von C:\Users\Armin\Desktop\trojaner-board
Windows 10 Pro (X64) (2015-09-26 10:02:29)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-2964241097-260066582-1381924632-500 - Administrator - Disabled)
Armin (S-1-5-21-2964241097-260066582-1381924632-1000 - Administrator - Enabled) => C:\Users\Armin
DefaultAccount (S-1-5-21-2964241097-260066582-1381924632-503 - Limited - Disabled)
Gast (S-1-5-21-2964241097-260066582-1381924632-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2964241097-260066582-1381924632-1002 - Limited - Enabled)
Karin (S-1-5-21-2964241097-260066582-1381924632-1004 - Limited - Enabled) => C:\Users\Karin
Sandra (S-1-5-21-2964241097-260066582-1381924632-1005 - Limited - Enabled) => C:\Users\Sandra
UpdatusUser (S-1-5-21-2964241097-260066582-1381924632-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.) Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 4 Web Premium (HKLM-x32\...\Adobe_4db064343401efd6449f33f8411c14b) (Version: 4.0 - Adobe Systems Incorporated) Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) 
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.0 - Canon Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.51.1 - Canon Inc.) Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.3.0.0 - Canon Inc.) Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.20.0 - Canon Inc.) Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.) 
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.20.0 - Canon Inc.) Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.4 - Fomanu AG) Dropbox (HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) ElsterFormular (HKLM-x32\...\ElsterFormular 13.0.0.8086p) (Version: 16.0.15910 - Landesfinanzdirektion Thüringen) EOS MOVIE Utility (HKLM-x32\...\EOS MOVIE Utility) (Version: 1.3.0.0 - Canon Inc.) EyeTV Netstream for Windows Media Center (HKLM-x32\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH) EyeTV Sat Free v1.13.00.69 (HKLM-x32\...\EyeTV Sat Free v1.13.00.69) (Version: 1.13.00.69 - Elgato Systems) FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project) FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time) FreeFileSync 7.3 (HKLM-x32\...\FreeFileSync) (Version: 7.3 - www.FreeFileSync.org) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) iPhone Backup Extractor (HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\iPhone Backup Extractor) (Version: 4.0.8.0 - Reincubate Ltd) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.) 
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.1.0.6 - Marvell) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 
(HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PIXMA Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.) 
QNAP NetBak Replicator (HKLM-x32\...\QNAP_NASNetBak) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - ) Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - ) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.31.2 - ) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN) Voltcraft - Voltsoft System Version (HKLM-x32\...\{27383738-D10F-4186-A784-7AB19733654D}_is1) (Version: - Voltcraft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Armin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2964241097-260066582-1381924632-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {04833F65-22F8-4241-B3E3-F7518E4A63C2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation) Task: {0493825A-AB0B-4FB7-B710-50114277F7AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {15862FD2-E116-467E-82DF-FD83ECCAF684} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {2049DB0E-ADD6-41C6-B3C1-4B4828A75A1F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {2180D5A7-FD43-476B-B539-AA1B41891137} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {31B8C96B-CC00-4F7F-ADC8-DC74225AD0CE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {32CB5B7D-9807-4CA9-8E02-9323520FDD1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {332C6DDF-E45B-4982-8A85-E74B271473E7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {33BC6020-C7BD-466A-873B-E557AAD15366} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) 
Task: {3D183741-655F-4975-AA94-CB5AEA1D9E66} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {47320A60-33EE-4C2B-BC64-5C8D49C9F6A0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {4764E3B4-0416-49AE-8FE9-47E84216413C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {4804504E-7392-4F9A-99F3-60A7415A21C6} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] () Task: {4D040B64-7DE3-4258-877D-20F778DD14EC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {505C4131-C5AF-42F7-A3EB-2BA19FEB436D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {54B8A753-DF1F-4A4C-A2E6-8C1C5783CC6D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {5D5B50A4-79AD-4740-AF56-E7F94E75DF90} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {6906DC6A-93E7-47FE-8121-F51FFF92F116} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {6EE52F95-9995-4CFB-915F-874BF6899DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {6FB9D260-542A-4731-B2D0-7D2EE9E1E264} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {6FCFB0B0-00A3-43FC-B6EE-C9D7572E8EAF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7449AA76-84E6-4B10-B3F1-92D2C29286E4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000Core => C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-10-09] (Dropbox, Inc.) 
Task: {748FF306-A285-4713-83C5-4DD3AD789F52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {8B14C381-DFDF-4359-AE56-C477B02D0D58} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {960ED741-FEAF-4695-8C7B-D697264D3845} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {980C5846-F242-49F3-A7D2-03EBE6AF2F8B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {9C0C4CAF-B0FE-47E4-AA98-21153D4CD4C3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {A10CD64E-79EA-468B-B99D-E353A25C18DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {A2311DEC-447F-4851-8609-5E3C347D9D25} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {A9BDA7C0-2FEE-405E-8729-971634C42EBE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {AD968688-A56B-42F8-BCD9-2B8C47AA86E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000UA => C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-10-09] (Dropbox, Inc.) 
Task: {AE3B3FEC-99D7-4DFB-B0FD-4B3535B01690} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {AF6E2E5C-980B-4D14-808B-9425B8389534} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {BF60CB86-A28D-48E2-9D4D-42E1777AB417} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {CA078875-AA00-4D0C-8A8E-151D06EB3421} - System32\Tasks\{509C8211-A389-4704-853A-CD1B2D6EC777} => pcalua.exe -a F:\Autorun.exe -d F:\ Task: {D1A12D3A-F0CF-4D43-9C7F-2DE9278BB18D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DA8A32A7-916C-4953-843F-213C2CF88372} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {DC2461F0-DF24-4561-9DF2-53431C19DD23} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {DE61193B-562E-47B5-9561-4FA5FB0BBDAA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {F26ABAF0-AE35-4D7D-BE97-769A3EB9F575} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {FA9CADC9-E3BC-49B2-BB9C-2AC83E99C28B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {FBD8F947-B126-4039-8988-4DB125F83889} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {FD0B7BEE-F961-47B0-AA1D-FFDFFB3BD1B3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FDF532FB-B663-43A8-89C6-5C4D7E7F3C00} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000Core.job => C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2964241097-260066582-1381924632-1000UA.job => C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2011-12-18 17:45 - 2007-04-13 07:49 - 00101528 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-09-26 08:24 - 2015-08-07 01:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-09-30 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-30 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-09-30 20:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-09-30 20:24 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-09-30 20:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-09-30 20:24 - 2015-09-17 06:42 - 01808384 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-09-30 20:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-27 20:34 - 2015-10-27 20:36 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-10-27 20:34 - 2015-10-27 20:36 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-10-27 20:34 - 2015-10-27 20:37 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-10-22 19:03 - 2015-10-22 19:03 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe 2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-11-04 20:31 - 2015-11-04 20:31 - 00172544 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\80248fc6df8396505c531b53dc2cd79e\IsdiInterop.ni.dll 2011-11-25 18:41 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-10-02 17:54 - 2015-11-05 00:44 - 00166416 _____ () C:\Users\Armin\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2015-11-20 16:15 - 2015-11-20 16:15 - 00071168 _____ () c:\users\armin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw2pcjp.dll 2013-05-19 14:06 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\telekom-dienste.de -> telekom-dienste.de IE trusted site: HKU\S-1-5-21-2964241097-260066582-1381924632-1000\...\telekom.de -> telekom.de ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2964241097-260066582-1381924632-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-2964241097-260066582-1381924632-1006\Control Panel\Desktop\\Wallpaper -> DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{CB101484-B8EF-494C-A023-62AC0F1BA0D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E4AFE131-B857-499E-9DE1-2E74B33FAA95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{92ECDA03-D921-4C91-86AC-E25FA047F5CB}C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe] => (Block) C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe FirewallRules: [TCP Query User{2053F015-8066-4925-9513-0D89E01A84B4}C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe] => (Block) C:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe FirewallRules: [{59974900-AC13-4A7F-AA26-B6D97C94E099}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe FirewallRules: [{EF0F48D4-ED98-4F95-B4BA-29F3081D7084}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe FirewallRules: [{B9E0386C-8D54-4E7F-B56D-3A2B18A44146}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe FirewallRules: [{C43BAAEA-9F72-4FED-8B19-4CD463F71D5D}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe FirewallRules: [{58EAC33C-1057-490C-A2B3-15DD9481DAC7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{BC628995-7A44-4695-9C30-3928137970E0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [UDP Query 
User{BBEB96E2-8161-434C-BAEC-0647FD3D023D}C:\program files (x86)\microsoft office\office14\powerpnt.exe] => (Allow) C:\program files (x86)\microsoft office\office14\powerpnt.exe FirewallRules: [TCP Query User{F1EC0C89-1F2F-48D0-8B1A-7DA084A86ADF}C:\program files (x86)\microsoft office\office14\powerpnt.exe] => (Allow) C:\program files (x86)\microsoft office\office14\powerpnt.exe FirewallRules: [UDP Query User{09B0F9C7-3879-4C6D-BC74-F5A8648A498A}C:\users\armin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\armin\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{D5B6A9B3-F0BE-47B6-AA5B-5CC0FEDCA8B5}C:\users\armin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\armin\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{1E43891F-E762-4CB1-ADB1-BF7CBB7B35AB}] => (Allow) C:\Users\Armin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{60319BE0-208E-4A7F-8BDE-8B1DC746B3EA}] => (Allow) C:\Users\Armin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [UDP Query User{5E4C55C5-EAAC-4388-9A5F-38CACF7183C6}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe FirewallRules: [TCP Query User{453F0FAD-3C2D-406A-8B0D-F5292F2E16D6}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe FirewallRules: [UDP Query User{B81FED37-11B3-4FAE-AD3C-9C12AB6E7C60}C:\program files (x86)\qnap\netbak\netbak.exe] => (Allow) C:\program files (x86)\qnap\netbak\netbak.exe FirewallRules: [TCP Query User{D5F896AF-922F-447D-86D1-B1EF293D3EE4}C:\program files (x86)\qnap\netbak\netbak.exe] => (Allow) C:\program files (x86)\qnap\netbak\netbak.exe FirewallRules: [{63715546-0446-42D1-9C47-07366C02EF52}] => (Allow) LPort=1900 FirewallRules: [{A5D1AF45-4D57-408A-8FA3-6FBC5AC359DD}] => (Allow) LPort=2869 FirewallRules: [{BF6354B0-8D22-450D-824A-136CFCC6607C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: 
[{827EABB2-0800-42CE-9F4D-E323C5B52C58}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe FirewallRules: [{2E31F542-6B70-4FF0-8E79-8E14C63D15C6}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe FirewallRules: [{D285F955-FA1A-41D7-88A6-68CAF1298E66}] => (Allow) LPort=51001 FirewallRules: [{ECB63120-4B0A-4057-83F9-2111940BA1C0}] => (Allow) LPort=51000 FirewallRules: [{96150E14-EE41-40A0-B603-B15690D3FDD7}] => (Allow) LPort=3704 FirewallRules: [{2AF18555-C550-48DC-A135-37D025A50406}] => (Allow) LPort=3703 FirewallRules: [{16EB5EEC-9323-4848-A693-E655B5712DB1}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{C7C3E23B-FCE8-47EA-8347-1C1C7796F89E}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{BE1AAF57-D182-4189-BD79-243F2EF6B880}] => (Allow) LPort=5353 FirewallRules: [{5FC6977A-C27D-472B-976B-1A2A74E23B31}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{2B1D7539-1648-4467-A943-172783B75FB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{74A574FD-4BE8-497C-9B6F-786C9EFC3BF4}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe FirewallRules: [{FB4BA209-2548-44D2-88C8-DA4E9C2BB537}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe FirewallRules: [{3D8FD6B8-B431-4D84-A835-BC7A076949EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B6E48BBF-1155-47DE-9D55-F57CA41C7EB8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E3EA9C15-C388-4FF9-8175-D2F145D6B7FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6CBC89D0-914D-45FD-BDF0-FDC3FB6D66F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: 
[{A40ACA46-03F6-4018-BEB0-0BCBA8D5CAB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{29FA25FA-C05B-4755-B7F1-DCDDBC7147C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{74A62165-B350-4EF4-B7DF-44FFE746BE25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5DCD97B1-5D6E-45E6-8F5D-FAC1EAA59963}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: High Definition Audio-Gerät Description: High Definition Audio-Gerät Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HdAudAddService Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/20/2015 06:14:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1 Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x00052d24 ID des fehlerhaften Prozesses: 0xed4 Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0 Pfad der fehlerhaften Anwendung: jucheck.exe1 Pfad des fehlerhaften Moduls: jucheck.exe2 Berichtskennung: jucheck.exe3 Vollständiger Name des fehlerhaften Pakets: jucheck.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5 Error: (11/20/2015 04:15:14 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/18/2015 09:03:50 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (11/18/2015 08:56:33 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/17/2015 02:59:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/16/2015 08:50:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(04:54:53:38:11:c3@fe80::654:53ff:fe38:11c3._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network. 
Error: (11/16/2015 08:49:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1 Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1 Ausnahmecode: 0x40000015 Fehleroffset: 0x00052d24 ID des fehlerhaften Prozesses: 0x1924 Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0 Pfad der fehlerhaften Anwendung: jucheck.exe1 Pfad des fehlerhaften Moduls: jucheck.exe2 Berichtskennung: jucheck.exe3 Vollständiger Name des fehlerhaften Pakets: jucheck.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5 Error: (11/16/2015 08:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 10 Error: (11/16/2015 08:44:01 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (11/16/2015 02:15:10 AM) (Source: MsiInstaller) (EventID: 1024) (User: INTELI7-2600) Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6D00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Systemfehler: ============= Error: (11/20/2015 04:28:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Upgrade auf Windows 10 Pro, Version 1511, 10586 Error: (11/20/2015 04:14:44 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (11/18/2015 10:22:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/18/2015 09:05:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/18/2015 09:01:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (11/18/2015 08:59:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (11/17/2015 10:17:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/16/2015 10:01:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/16/2015 07:25:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/14/2015 11:13:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-11-20 16:27:04.622 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:27:04.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. 
Date: 2015-11-20 16:27:04.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:27:04.517 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:27:04.500 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:27:04.482 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:27:03.793 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. 
Date: 2015-11-20 16:27:03.715 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:26:13.633 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-11-20 16:26:13.607 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 12192.96 MB Verfügbarer physikalischer RAM: 9849.52 MB Summe virtueller Speicher: 24480.96 MB Verfügbarer virtueller Speicher: 21937.16 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:111.26 GB) (Free:45.66 GB) NTFS Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:233.21 GB) NTFS Drive h: (VERBATIM) (Removable) (Total:117.16 GB) (Free:117.06 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6FD91AD3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 403893C9) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 117.2 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
20.11.2015, 19:20 | #2 |
/// the machine /// TB-Ausbilder | Telekom Abuse Report Bedep Hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
20.11.2015, 20:59 | #3 |
| Telekom Abuse Report Bedep Hello,
attached is mbar-log-2015-11-20 (20-37-42).txt: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.11.20.05 rootkit: v2015.11.14.01 Windows 10 x64 NTFS Internet Explorer 11.0.10240.16590 Armin :: INTELI7-2600 [administrator] 20.11.2015 20:37:42 mbar-log-2015-11-20 (20-37-42).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 550152 Time elapsed: 7 minute(s), 54 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter 20:49:12.0089 0x1508 TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23 20:49:17.0308 0x1508 ============================================================ 20:49:17.0308 0x1508 Current date / time: 2015/11/20 20:49:17.0308 20:49:17.0308 0x1508 SystemInfo: 20:49:17.0308 0x1508 20:49:17.0308 0x1508 OS Version: 10.0.10240 ServicePack: 0.0 20:49:17.0308 0x1508 Product type: Workstation 20:49:17.0308 0x1508 ComputerName: INTELI7-2600 20:49:17.0308 0x1508 UserName: Armin 20:49:17.0308 0x1508 Windows directory: C:\WINDOWS 20:49:17.0308 0x1508 System windows directory: C:\WINDOWS 20:49:17.0308 0x1508 Running under WOW64 20:49:17.0308 0x1508 Processor architecture: Intel x64 20:49:17.0308 0x1508 Number of processors: 8 20:49:17.0308 0x1508 Page size: 0x1000 20:49:17.0308 0x1508 Boot type: Normal boot 20:49:17.0308 0x1508 ============================================================ 20:49:18.0027 0x1508 KLMD registered as C:\WINDOWS\system32\drivers\91379416.sys 20:49:18.0074 0x1508 System UUID: {6A811D3F-15E5-7FEF-BEDB-EDDCE3E6D103} 20:49:18.0340 0x1508 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:49:18.0340 0x1508 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2F00000 ( 111.80 Gb ), SectorSize: 0x200, Cylinders: 0x3902, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:49:18.0340 0x1508 Drive \Device\Harddisk3\DR6 - Size: 0x1D4C000000 ( 117.19 Gb ), SectorSize: 0x200, Cylinders: 0x3BC1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:49:18.0340 0x1508 ============================================================ 20:49:18.0340 0x1508 \Device\Harddisk1\DR1: 20:49:18.0340 0x1508 MBR partitions: 20:49:18.0340 0x1508 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 20:49:18.0340 0x1508 \Device\Harddisk0\DR0: 20:49:18.0340 0x1508 MBR partitions: 20:49:18.0340 
0x1508 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 20:49:18.0340 0x1508 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE83800 20:49:18.0340 0x1508 \Device\Harddisk3\DR6: 20:49:18.0340 0x1508 MBR partitions: 20:49:18.0340 0x1508 \Device\Harddisk3\DR6\Partition1: MBR, Type 0xC, StartLBA 0x80, BlocksNum 0xEA5FF80 20:49:18.0340 0x1508 ============================================================ 20:49:18.0340 0x1508 C: <-> \Device\Harddisk0\DR0\Partition2 20:49:18.0371 0x1508 D: <-> \Device\Harddisk1\DR1\Partition1 20:49:18.0371 0x1508 ============================================================ 20:49:18.0371 0x1508 Initialize success 20:49:18.0371 0x1508 ============================================================ 20:49:42.0248 0x1604 ============================================================ 20:49:42.0248 0x1604 Scan started 20:49:42.0248 0x1604 Mode: Manual; SigCheck; TDLFS; 20:49:42.0248 0x1604 ============================================================ 20:49:42.0248 0x1604 KSN ping started 20:49:44.0748 0x1604 KSN ping finished: true 20:49:45.0717 0x1604 ================ Scan system memory ======================== 20:49:45.0717 0x1604 System memory - ok 20:49:45.0717 0x1604 ================ Scan services ============================= 20:49:45.0764 0x1604 1394ohci - ok 20:49:45.0764 0x1604 3ware - ok 20:49:45.0764 0x1604 ACPI - ok 20:49:45.0764 0x1604 acpiex - ok 20:49:45.0764 0x1604 acpipagr - ok 20:49:45.0764 0x1604 AcpiPmi - ok 20:49:45.0779 0x1604 acpitime - ok 20:49:45.0779 0x1604 [ D44BCAF639E4E45307C2BC80715273D5, 1E1CDE13C39D835447096CBEC104A2EDDCE15D94288DB3FBB02421B8B8307989 ] adfs C:\WINDOWS\system32\drivers\adfs.sys 20:49:45.0795 0x1604 adfs - ok 20:49:45.0811 0x1604 [ 9444A3530C2E88B7ED96A566FF9CCC13, B6372B557715279A03063FD0A30512A5938A689A950B9C6AF7BBC66C15FA87A6 ] Adobe Version Cue CS4 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe 
20:49:45.0826 0x1604 Adobe Version Cue CS4 - ok 20:49:45.0826 0x1604 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:49:45.0842 0x1604 AdobeARMservice - ok 20:49:45.0842 0x1604 ADP80XX - ok 20:49:45.0842 0x1604 AFD - ok 20:49:45.0842 0x1604 agp440 - ok 20:49:45.0842 0x1604 ahcache - ok 20:49:45.0858 0x1604 AJRouter - ok 20:49:45.0858 0x1604 ALG - ok 20:49:45.0858 0x1604 AmdK8 - ok 20:49:45.0858 0x1604 AmdPPM - ok 20:49:45.0858 0x1604 amdsata - ok 20:49:45.0858 0x1604 amdsbs - ok 20:49:45.0858 0x1604 amdxata - ok 20:49:45.0889 0x1604 [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 20:49:45.0904 0x1604 AntiVirMailService - ok 20:49:45.0920 0x1604 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 20:49:45.0936 0x1604 AntiVirSchedulerService - ok 20:49:45.0951 0x1604 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 20:49:45.0967 0x1604 AntiVirService - ok 20:49:45.0983 0x1604 [ B667AB46FA82FC246F9069D81BB1065C, CC3ADE01E745B6A4F425E41C5C380BF0D06121B3823BDF0A8DF2973DA59F86EA ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 20:49:46.0014 0x1604 AntiVirWebService - ok 20:49:46.0014 0x1604 AppHostSvc - ok 20:49:46.0014 0x1604 AppID - ok 20:49:46.0014 0x1604 AppIDSvc - ok 20:49:46.0014 0x1604 Appinfo - ok 20:49:46.0030 0x1604 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device 
Support\AppleMobileDeviceService.exe 20:49:46.0030 0x1604 Apple Mobile Device Service - ok 20:49:46.0030 0x1604 AppMgmt - ok 20:49:46.0030 0x1604 AppReadiness - ok 20:49:46.0045 0x1604 AppXSvc - ok 20:49:46.0045 0x1604 arcsas - ok 20:49:46.0045 0x1604 aspnet_state - ok 20:49:46.0061 0x1604 AsyncMac - ok 20:49:46.0061 0x1604 atapi - ok 20:49:46.0061 0x1604 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] AthDfu C:\WINDOWS\System32\Drivers\AthDfu.sys 20:49:46.0076 0x1604 AthDfu - ok 20:49:46.0076 0x1604 AudioEndpointBuilder - ok 20:49:46.0076 0x1604 Audiosrv - ok 20:49:46.0092 0x1604 [ AC82CC4F2A41E098EB34C0A9F8125DDC, CC416DD5FC8E14A1F99F8DF52D795CA6E16EDBF8FD7C9624B10BA83D9D954BF2 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 20:49:46.0092 0x1604 avgntflt - ok 20:49:46.0092 0x1604 [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 20:49:46.0108 0x1604 avipbb - ok 20:49:46.0108 0x1604 [ 6C4B9A2FF6924405E9ABFB558049D4DD, 9AB314B9ECF41832589726556A93CEAAE2AE774B1738A46A027E833B73A72118 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 20:49:46.0123 0x1604 Avira.ServiceHost - ok 20:49:46.0123 0x1604 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 20:49:46.0139 0x1604 avkmgr - ok 20:49:46.0139 0x1604 [ 74179E7C103F3A44B33D7D982E21E35D, 7F2384B065EA9959734D65426781D901CDB0DA8DFCAD13BF05044DDF33CA5688 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 20:49:46.0139 0x1604 avnetflt - ok 20:49:46.0139 0x1604 AxInstSV - ok 20:49:46.0155 0x1604 b06bdrv - ok 20:49:46.0155 0x1604 BasicDisplay - ok 20:49:46.0155 0x1604 BasicRender - ok 20:49:46.0155 0x1604 bcmfn2 - ok 20:49:46.0155 0x1604 BDESVC - ok 20:49:46.0155 0x1604 Beep - ok 20:49:46.0155 0x1604 BFE - ok 20:49:46.0170 0x1604 BITS - ok 
20:49:46.0170 0x1604 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:49:46.0186 0x1604 Bonjour Service - ok 20:49:46.0186 0x1604 bowser - ok 20:49:46.0186 0x1604 BrokerInfrastructure - ok 20:49:46.0186 0x1604 Browser - ok 20:49:46.0201 0x1604 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys 20:49:46.0201 0x1604 BTATH_BUS - ok 20:49:46.0217 0x1604 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys 20:49:46.0233 0x1604 BtFilter - ok 20:49:46.0233 0x1604 BthAvrcpTg - ok 20:49:46.0233 0x1604 BthEnum - ok 20:49:46.0248 0x1604 BthHFEnum - ok 20:49:46.0248 0x1604 bthhfhid - ok 20:49:46.0248 0x1604 BthHFSrv - ok 20:49:46.0248 0x1604 BTHMODEM - ok 20:49:46.0248 0x1604 BthPan - ok 20:49:46.0248 0x1604 BTHPORT - ok 20:49:46.0248 0x1604 bthserv - ok 20:49:46.0264 0x1604 BTHUSB - ok 20:49:46.0264 0x1604 buttonconverter - ok 20:49:46.0264 0x1604 CapImg - ok 20:49:46.0264 0x1604 cdfs - ok 20:49:46.0264 0x1604 CDPSvc - ok 20:49:46.0264 0x1604 cdrom - ok 20:49:46.0264 0x1604 CertPropSvc - ok 20:49:46.0264 0x1604 circlass - ok 20:49:46.0280 0x1604 CLFS - ok 20:49:46.0280 0x1604 ClipSVC - ok 20:49:46.0280 0x1604 CmBatt - ok 20:49:46.0280 0x1604 CNG - ok 20:49:46.0280 0x1604 cnghwassist - ok 20:49:46.0295 0x1604 CompositeBus - ok 20:49:46.0295 0x1604 COMSysApp - ok 20:49:46.0311 0x1604 condrv - ok 20:49:46.0311 0x1604 CoreMessagingRegistrar - ok 20:49:46.0342 0x1604 [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 20:49:46.0358 0x1604 cphs - ok 20:49:46.0358 0x1604 CryptSvc - ok 20:49:46.0358 0x1604 CSC - ok 20:49:46.0358 0x1604 CscService - ok 20:49:46.0358 0x1604 dam 
- ok 20:49:46.0373 0x1604 DcomLaunch - ok 20:49:46.0373 0x1604 DcpSvc - ok 20:49:46.0373 0x1604 defragsvc - ok 20:49:46.0373 0x1604 DeviceAssociationService - ok 20:49:46.0373 0x1604 DeviceInstall - ok 20:49:46.0373 0x1604 DevQueryBroker - ok 20:49:46.0373 0x1604 Dfsc - ok 20:49:46.0389 0x1604 Dhcp - ok 20:49:46.0389 0x1604 diagnosticshub.standardcollector.service - ok 20:49:46.0389 0x1604 DiagTrack - ok 20:49:46.0389 0x1604 disk - ok 20:49:46.0389 0x1604 DmEnrollmentSvc - ok 20:49:46.0389 0x1604 dmvsc - ok 20:49:46.0389 0x1604 dmwappushservice - ok 20:49:46.0405 0x1604 Dnscache - ok 20:49:46.0405 0x1604 dot3svc - ok 20:49:46.0405 0x1604 DPS - ok 20:49:46.0405 0x1604 drmkaud - ok 20:49:46.0405 0x1604 DsmSvc - ok 20:49:46.0405 0x1604 DsSvc - ok 20:49:46.0420 0x1604 [ 1C894CE2570E8ACB2E5791D24E75BD7B, 1273DA3C9496A24279642E12B1BBE3C271DA0602BDE57AD168B1FEFCB343E4FF ] DTSAudioService C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe 20:49:46.0420 0x1604 DTSAudioService - ok 20:49:46.0436 0x1604 DXGKrnl - ok 20:49:46.0436 0x1604 e1iexpress - ok 20:49:46.0436 0x1604 Eaphost - ok 20:49:46.0436 0x1604 ebdrv - ok 20:49:46.0436 0x1604 EFS - ok 20:49:46.0436 0x1604 EhStorClass - ok 20:49:46.0436 0x1604 EhStorTcgDrv - ok 20:49:46.0451 0x1604 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys 20:49:46.0451 0x1604 ElbyCDIO - ok 20:49:46.0451 0x1604 embeddedmode - ok 20:49:46.0451 0x1604 EntAppSvc - ok 20:49:46.0451 0x1604 ErrDev - ok 20:49:46.0467 0x1604 EventSystem - ok 20:49:46.0467 0x1604 exfat - ok 20:49:46.0483 0x1604 [ 4DB4B4F470FBFC974E647B6A9A27D576, CAE4BEF5BCEE4CA0D107D1868F7001D60D959E985941748762A98B9FA6140808 ] EyeTV Netstream C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe 20:49:46.0483 0x1604 EyeTV Netstream - ok 20:49:46.0498 0x1604 [ 827B751004EECA17DED6E4E505D6E4DC, A85B1919A5AE2FD9F5A40DAEDB93CD521333A5673A6BAA5FE22E92D2B35D0544 ] 
EyeTV_Sat_Free C:\WINDOWS\system32\DRIVERS\EyeTV_Sat_Free.sys 20:49:46.0498 0x1604 EyeTV_Sat_Free - ok 20:49:46.0498 0x1604 fastfat - ok 20:49:46.0514 0x1604 Fax - ok 20:49:46.0514 0x1604 fdc - ok 20:49:46.0514 0x1604 fdPHost - ok 20:49:46.0514 0x1604 FDResPub - ok 20:49:46.0514 0x1604 fhsvc - ok 20:49:46.0514 0x1604 FileCrypt - ok 20:49:46.0514 0x1604 FileInfo - ok 20:49:46.0514 0x1604 Filetrace - ok 20:49:46.0530 0x1604 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 20:49:46.0545 0x1604 FLEXnet Licensing Service - ok 20:49:46.0576 0x1604 [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 20:49:46.0592 0x1604 FLEXnet Licensing Service 64 - ok 20:49:46.0592 0x1604 flpydisk - ok 20:49:46.0608 0x1604 FltMgr - ok 20:49:46.0608 0x1604 FontCache - ok 20:49:46.0608 0x1604 FontCache3.0.0.0 - ok 20:49:46.0608 0x1604 FsDepends - ok 20:49:46.0608 0x1604 Fs_Rec - ok 20:49:46.0608 0x1604 fvevol - ok 20:49:46.0608 0x1604 gagp30kx - ok 20:49:46.0623 0x1604 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 20:49:46.0623 0x1604 GEARAspiWDM - ok 20:49:46.0623 0x1604 gencounter - ok 20:49:46.0623 0x1604 genericusbfn - ok 20:49:46.0623 0x1604 GPIOClx0101 - ok 20:49:46.0639 0x1604 gpsvc - ok 20:49:46.0639 0x1604 GpuEnergyDrv - ok 20:49:46.0639 0x1604 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:49:46.0639 0x1604 gupdate - ok 20:49:46.0655 0x1604 [ DD7423ABBE2913E70D50E9318AD57EE4, 
74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:49:46.0655 0x1604 gupdatem - ok 20:49:46.0655 0x1604 HdAudAddService - ok 20:49:46.0655 0x1604 HDAudBus - ok 20:49:46.0670 0x1604 HidBatt - ok 20:49:46.0670 0x1604 HidBth - ok 20:49:46.0670 0x1604 hidi2c - ok 20:49:46.0670 0x1604 hidinterrupt - ok 20:49:46.0670 0x1604 HidIr - ok 20:49:46.0670 0x1604 hidserv - ok 20:49:46.0670 0x1604 HidUsb - ok 20:49:46.0686 0x1604 HomeGroupListener - ok 20:49:46.0686 0x1604 HomeGroupProvider - ok 20:49:46.0686 0x1604 HpSAMD - ok 20:49:46.0686 0x1604 HTTP - ok 20:49:46.0686 0x1604 hwpolicy - ok 20:49:46.0686 0x1604 hyperkbd - ok 20:49:46.0686 0x1604 HyperVideo - ok 20:49:46.0686 0x1604 i8042prt - ok 20:49:46.0701 0x1604 iaLPSSi_GPIO - ok 20:49:46.0701 0x1604 iaLPSSi_I2C - ok 20:49:46.0701 0x1604 iaStorAV - ok 20:49:46.0701 0x1604 [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 20:49:46.0701 0x1604 IAStorDataMgrSvc - ok 20:49:46.0717 0x1604 iaStorV - ok 20:49:46.0717 0x1604 ibbus - ok 20:49:46.0717 0x1604 icssvc - ok 20:49:46.0717 0x1604 IEEtwCollectorService - ok 20:49:46.0811 0x1604 [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 20:49:46.0920 0x1604 igfx - ok 20:49:46.0936 0x1604 [ 51516252DBBFED36F70B341DBA263167, 69F19C877AA64ABE9ADDE21CD9E3DE5E5F2E924A59217D3F0A558CF38CF1EDFD ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 20:49:46.0936 0x1604 IJPLMSVC - detected UnsignedFile.Multi.Generic ( 1 ) 20:49:49.0498 0x1604 Detect skipped due to KSN trusted 20:49:49.0498 0x1604 IJPLMSVC - ok 20:49:49.0514 0x1604 IKEEXT - ok 20:49:49.0592 0x1604 [ CFF7673A716876C03AED20B2000EF0A6, 
4FCE213852801DB1E5C43BD165D591A0F69DB1DFB320F8BBE7C1FF04CAEE4111 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 20:49:49.0670 0x1604 IntcAzAudAddService - ok 20:49:49.0670 0x1604 intelide - ok 20:49:49.0670 0x1604 intelpep - ok 20:49:49.0670 0x1604 intelppm - ok 20:49:49.0686 0x1604 IoQos - ok 20:49:49.0686 0x1604 IpFilterDriver - ok 20:49:49.0686 0x1604 iphlpsvc - ok 20:49:49.0686 0x1604 IPMIDRV - ok 20:49:49.0686 0x1604 IPNAT - ok 20:49:49.0702 0x1604 [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:49:49.0717 0x1604 iPod Service - ok 20:49:49.0717 0x1604 IRENUM - ok 20:49:49.0717 0x1604 isapnp - ok 20:49:49.0717 0x1604 iScsiPrt - ok 20:49:49.0733 0x1604 [ 79A55E8907F34AB569029505418C35EF, 2B97AD5800AD3F4467D30DC2F3E4A1614570D267231FBBD7C0251A2DC73402EF ] JRAID C:\WINDOWS\system32\drivers\jraid.sys 20:49:49.0733 0x1604 JRAID - ok 20:49:49.0733 0x1604 kbdclass - ok 20:49:49.0733 0x1604 kbdhid - ok 20:49:49.0748 0x1604 kdnic - ok 20:49:49.0748 0x1604 KeyIso - ok 20:49:49.0748 0x1604 KSecDD - ok 20:49:49.0748 0x1604 KSecPkg - ok 20:49:49.0748 0x1604 ksthunk - ok 20:49:49.0748 0x1604 KtmRm - ok 20:49:49.0748 0x1604 LanmanServer - ok 20:49:49.0764 0x1604 LanmanWorkstation - ok 20:49:49.0764 0x1604 lfsvc - ok 20:49:49.0764 0x1604 LicenseManager - ok 20:49:49.0764 0x1604 lltdio - ok 20:49:49.0764 0x1604 lltdsvc - ok 20:49:49.0764 0x1604 lmhosts - ok 20:49:49.0764 0x1604 LSI_SAS - ok 20:49:49.0780 0x1604 LSI_SAS2i - ok 20:49:49.0780 0x1604 LSI_SAS3i - ok 20:49:49.0780 0x1604 LSI_SSS - ok 20:49:49.0780 0x1604 LSM - ok 20:49:49.0780 0x1604 luafv - ok 20:49:49.0780 0x1604 MapsBroker - ok 20:49:49.0780 0x1604 megasas - ok 20:49:49.0795 0x1604 megasr - ok 20:49:49.0795 0x1604 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 20:49:49.0795 0x1604 MEIx64 
- ok 20:49:49.0795 0x1604 mlx4_bus - ok 20:49:49.0795 0x1604 MMCSS - ok 20:49:49.0811 0x1604 Modem - ok 20:49:49.0811 0x1604 monitor - ok 20:49:49.0811 0x1604 mouclass - ok 20:49:49.0811 0x1604 mouhid - ok 20:49:49.0811 0x1604 mountmgr - ok 20:49:49.0811 0x1604 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:49:49.0827 0x1604 MozillaMaintenance - ok 20:49:49.0827 0x1604 mpsdrv - ok 20:49:49.0827 0x1604 MpsSvc - ok 20:49:49.0827 0x1604 MQAC - ok 20:49:49.0842 0x1604 MRxDAV - ok 20:49:49.0842 0x1604 mrxsmb - ok 20:49:49.0842 0x1604 mrxsmb10 - ok 20:49:49.0842 0x1604 mrxsmb20 - ok 20:49:49.0842 0x1604 MsBridge - ok 20:49:49.0842 0x1604 MSDTC - ok 20:49:49.0842 0x1604 Msfs - ok 20:49:49.0858 0x1604 msgpiowin32 - ok 20:49:49.0858 0x1604 mshidkmdf - ok 20:49:49.0858 0x1604 mshidumdf - ok 20:49:49.0858 0x1604 msisadrv - ok 20:49:49.0858 0x1604 MSiSCSI - ok 20:49:49.0858 0x1604 msiserver - ok 20:49:49.0858 0x1604 MSKSSRV - ok 20:49:49.0873 0x1604 MsLldp - ok 20:49:49.0873 0x1604 MSMQ - ok 20:49:49.0873 0x1604 MSPCLOCK - ok 20:49:49.0873 0x1604 MSPQM - ok 20:49:49.0873 0x1604 MsRPC - ok 20:49:49.0873 0x1604 mssmbios - ok 20:49:49.0873 0x1604 MSTEE - ok 20:49:49.0889 0x1604 MTConfig - ok 20:49:49.0889 0x1604 Mup - ok 20:49:49.0889 0x1604 [ 64E2336100283CB4054EB174E195ACEC, 666C5189A920FDB30D209ECB856D875F4752D1B70C666E831D538DE6EB380332 ] mv61xx C:\WINDOWS\system32\drivers\mv61xx.sys 20:49:49.0905 0x1604 mv61xx - ok 20:49:49.0905 0x1604 [ A986DC81534582FA478C286E8F57A877, E4605C0F95474C9CEB7630A1DB4D62D810A4D4797FFFAC2D175693DA5C76DEC5 ] mvs91xx C:\WINDOWS\system32\drivers\mvs91xx.sys 20:49:49.0920 0x1604 mvs91xx - ok 20:49:49.0920 0x1604 mvumis - ok 20:49:49.0920 0x1604 NativeWifiP - ok 20:49:49.0920 0x1604 NcaSvc - ok 20:49:49.0936 0x1604 NcbService - ok 20:49:49.0936 0x1604 NcdAutoSetup - ok 20:49:49.0936 0x1604 ndfltr - ok 
20:49:49.0936 0x1604 NDIS - ok 20:49:49.0936 0x1604 NdisCap - ok 20:49:49.0936 0x1604 NdisImPlatform - ok 20:49:49.0936 0x1604 NdisTapi - ok 20:49:49.0936 0x1604 Ndisuio - ok 20:49:49.0952 0x1604 NdisVirtualBus - ok 20:49:49.0952 0x1604 NdisWan - ok 20:49:49.0952 0x1604 ndiswanlegacy - ok 20:49:49.0952 0x1604 ndproxy - ok 20:49:49.0952 0x1604 Ndu - ok 20:49:49.0952 0x1604 NetBIOS - ok 20:49:49.0967 0x1604 NetBT - ok 20:49:49.0967 0x1604 Netlogon - ok 20:49:49.0967 0x1604 Netman - ok 20:49:49.0967 0x1604 NetMsmqActivator - ok 20:49:49.0967 0x1604 NetPipeActivator - ok 20:49:49.0967 0x1604 netprofm - ok 20:49:49.0967 0x1604 NetSetupSvc - ok 20:49:49.0983 0x1604 NetTcpActivator - ok 20:49:49.0983 0x1604 NetTcpPortSharing - ok 20:49:49.0983 0x1604 netvsc - ok 20:49:49.0983 0x1604 NgcCtnrSvc - ok 20:49:49.0983 0x1604 NgcSvc - ok 20:49:49.0983 0x1604 NlaSvc - ok 20:49:49.0983 0x1604 Npfs - ok 20:49:49.0999 0x1604 npsvctrig - ok 20:49:49.0999 0x1604 nsi - ok 20:49:49.0999 0x1604 nsiproxy - ok 20:49:49.0999 0x1604 NTFS - ok 20:49:49.0999 0x1604 Null - ok 20:49:50.0014 0x1604 [ 598E707D7053535D2BCD9F7779D15AB7, A8709F1123758D73C9C616003F7502CCE485A6DD23EF82B211AA7AE4FCC3C314 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 20:49:50.0014 0x1604 NVHDA - ok 20:49:50.0186 0x1604 [ 1BAA8D6913574F87F5983294A076631D, 9B6D4E9E8DECC6A2D788ED1CF629A0713708BB3788B4AC43902B8B5E180166C8 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 20:49:50.0374 0x1604 nvlddmkm - ok 20:49:50.0389 0x1604 nvraid - ok 20:49:50.0389 0x1604 nvstor - ok 20:49:50.0405 0x1604 [ 90566025EFD5BA4005A5C9A2773B230B, 9075981E7020250E38D25C046E39C69B252B46888A9F6F749FF50FB442907E37 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 20:49:50.0436 0x1604 nvsvc - ok 20:49:50.0467 0x1604 [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 20:49:50.0483 0x1604 nvUpdatusService - ok 
20:49:50.0499 0x1604 nv_agp - ok 20:49:50.0499 0x1604 OneSyncSvc - ok 20:49:50.0499 0x1604 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:49:50.0514 0x1604 ose - ok 20:49:50.0608 0x1604 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 20:49:50.0686 0x1604 osppsvc - ok 20:49:50.0702 0x1604 p2pimsvc - ok 20:49:50.0702 0x1604 p2psvc - ok 20:49:50.0702 0x1604 Parport - ok 20:49:50.0702 0x1604 partmgr - ok 20:49:50.0702 0x1604 PcaSvc - ok 20:49:50.0717 0x1604 pci - ok 20:49:50.0717 0x1604 pciide - ok 20:49:50.0717 0x1604 pcmcia - ok 20:49:50.0717 0x1604 pcw - ok 20:49:50.0717 0x1604 pdc - ok 20:49:50.0717 0x1604 PEAUTH - ok 20:49:50.0717 0x1604 PeerDistSvc - ok 20:49:50.0733 0x1604 percsas2i - ok 20:49:50.0733 0x1604 percsas3i - ok 20:49:50.0749 0x1604 PerfHost - ok 20:49:50.0749 0x1604 PimIndexMaintenanceSvc - ok 20:49:50.0749 0x1604 pla - ok 20:49:50.0764 0x1604 PlugPlay - ok 20:49:50.0764 0x1604 PNRPAutoReg - ok 20:49:50.0764 0x1604 PNRPsvc - ok 20:49:50.0764 0x1604 PolicyAgent - ok 20:49:50.0764 0x1604 Power - ok 20:49:50.0764 0x1604 PptpMiniport - ok 20:49:50.0780 0x1604 PrintNotify - ok 20:49:50.0780 0x1604 Processor - ok 20:49:50.0780 0x1604 ProfSvc - ok 20:49:50.0780 0x1604 Psched - ok 20:49:50.0795 0x1604 QWAVE - ok 20:49:50.0795 0x1604 QWAVEdrv - ok 20:49:50.0795 0x1604 RasAcd - ok 20:49:50.0795 0x1604 RasAgileVpn - ok 20:49:50.0795 0x1604 RasAuto - ok 20:49:50.0795 0x1604 Rasl2tp - ok 20:49:50.0795 0x1604 RasMan - ok 20:49:50.0795 0x1604 RasPppoe - ok 20:49:50.0811 0x1604 RasSstp - ok 20:49:50.0811 0x1604 rdbss - ok 20:49:50.0811 0x1604 rdpbus - ok 20:49:50.0811 0x1604 RDPDR - ok 20:49:50.0811 0x1604 RdpVideoMiniport - ok 20:49:50.0827 0x1604 rdyboost - ok 20:49:50.0827 
0x1604 ReFSv1 - ok 20:49:50.0827 0x1604 RemoteAccess - ok 20:49:50.0827 0x1604 RemoteRegistry - ok 20:49:50.0827 0x1604 RetailDemo - ok 20:49:50.0827 0x1604 RFCOMM - ok 20:49:50.0827 0x1604 RpcEptMapper - ok 20:49:50.0842 0x1604 RpcLocator - ok 20:49:50.0842 0x1604 RpcSs - ok 20:49:50.0842 0x1604 rspndr - ok 20:49:50.0842 0x1604 rt640x64 - ok 20:49:50.0842 0x1604 s3cap - ok 20:49:50.0842 0x1604 SamSs - ok 20:49:50.0842 0x1604 sbp2port - ok 20:49:50.0842 0x1604 SCardSvr - ok 20:49:50.0858 0x1604 ScDeviceEnum - ok 20:49:50.0858 0x1604 scfilter - ok 20:49:50.0858 0x1604 Schedule - ok 20:49:50.0858 0x1604 SCPolicySvc - ok 20:49:50.0858 0x1604 sdbus - ok 20:49:50.0858 0x1604 SDRSVC - ok 20:49:50.0858 0x1604 sdstor - ok 20:49:50.0874 0x1604 seclogon - ok 20:49:50.0874 0x1604 SENS - ok 20:49:50.0874 0x1604 SensorDataService - ok 20:49:50.0874 0x1604 SensorService - ok 20:49:50.0874 0x1604 SensrSvc - ok 20:49:50.0874 0x1604 SerCx - ok 20:49:50.0874 0x1604 SerCx2 - ok 20:49:50.0874 0x1604 Serenum - ok 20:49:50.0889 0x1604 Serial - ok 20:49:50.0889 0x1604 sermouse - ok 20:49:50.0889 0x1604 SessionEnv - ok 20:49:50.0889 0x1604 sfloppy - ok 20:49:50.0889 0x1604 SharedAccess - ok 20:49:50.0905 0x1604 ShellHWDetection - ok 20:49:50.0905 0x1604 SiSRaid2 - ok 20:49:50.0905 0x1604 SiSRaid4 - ok 20:49:50.0905 0x1604 smphost - ok 20:49:50.0905 0x1604 SmsRouter - ok 20:49:50.0920 0x1604 SNMPTRAP - ok 20:49:50.0920 0x1604 spaceport - ok 20:49:50.0920 0x1604 SpbCx - ok 20:49:50.0920 0x1604 Spooler - ok 20:49:50.0920 0x1604 sppsvc - ok 20:49:50.0920 0x1604 srv - ok 20:49:50.0920 0x1604 srv2 - ok 20:49:50.0920 0x1604 srvnet - ok 20:49:50.0936 0x1604 SSDPSRV - ok 20:49:50.0936 0x1604 SstpSvc - ok 20:49:50.0936 0x1604 StateRepository - ok 20:49:50.0952 0x1604 [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 20:49:50.0952 0x1604 Stereo Service - ok 
20:49:50.0967 0x1604 stexstor - ok 20:49:50.0967 0x1604 [ 7C4D2F167FA6153B4FE7145FE6D3DF15, F39ED9CDF323DDC57D0F64F9CC121E911EA53819A3A941A2F6EA557C35FCB372 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 20:49:50.0983 0x1604 StillCam - ok 20:49:50.0983 0x1604 stisvc - ok 20:49:50.0983 0x1604 storahci - ok 20:49:50.0983 0x1604 storflt - ok 20:49:50.0983 0x1604 stornvme - ok 20:49:50.0983 0x1604 storqosflt - ok 20:49:50.0983 0x1604 StorSvc - ok 20:49:50.0999 0x1604 storufs - ok 20:49:50.0999 0x1604 storvsc - ok 20:49:50.0999 0x1604 svsvc - ok 20:49:51.0014 0x1604 swenum - ok 20:49:51.0014 0x1604 swprv - ok 20:49:51.0014 0x1604 Synth3dVsc - ok 20:49:51.0014 0x1604 SysMain - ok 20:49:51.0014 0x1604 SystemEventsBroker - ok 20:49:51.0014 0x1604 TabletInputService - ok 20:49:51.0030 0x1604 TapiSrv - ok 20:49:51.0030 0x1604 Tcpip - ok 20:49:51.0030 0x1604 Tcpip6 - ok 20:49:51.0030 0x1604 tcpipreg - ok 20:49:51.0030 0x1604 tdx - ok 20:49:51.0030 0x1604 terminpt - ok 20:49:51.0045 0x1604 TermService - ok 20:49:51.0045 0x1604 Themes - ok 20:49:51.0045 0x1604 tiledatamodelsvc - ok 20:49:51.0045 0x1604 TimeBroker - ok 20:49:51.0045 0x1604 TPM - ok 20:49:51.0045 0x1604 TrkWks - ok 20:49:51.0045 0x1604 TrustedInstaller - ok 20:49:51.0061 0x1604 TsUsbFlt - ok 20:49:51.0061 0x1604 TsUsbGD - ok 20:49:51.0061 0x1604 tunnel - ok 20:49:51.0061 0x1604 uagp35 - ok 20:49:51.0061 0x1604 UASPStor - ok 20:49:51.0061 0x1604 UcmCx0101 - ok 20:49:51.0061 0x1604 UcmUcsi - ok 20:49:51.0061 0x1604 Ucx01000 - ok 20:49:51.0077 0x1604 UdeCx - ok 20:49:51.0077 0x1604 udfs - ok 20:49:51.0077 0x1604 UEFI - ok 20:49:51.0077 0x1604 Ufx01000 - ok 20:49:51.0077 0x1604 UfxChipidea - ok 20:49:51.0077 0x1604 ufxsynopsys - ok 20:49:51.0092 0x1604 UI0Detect - ok 20:49:51.0092 0x1604 uliagpkx - ok 20:49:51.0092 0x1604 umbus - ok 20:49:51.0092 0x1604 UmPass - ok 20:49:51.0092 0x1604 UmRdpService - ok 20:49:51.0092 0x1604 UnistoreSvc - ok 20:49:51.0092 0x1604 upnphost - ok 20:49:51.0108 0x1604 UrsChipidea - ok 
20:49:51.0108 0x1604 UrsCx01000 - ok 20:49:51.0108 0x1604 UrsSynopsys - ok 20:49:51.0108 0x1604 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 20:49:51.0124 0x1604 USBAAPL64 - ok 20:49:51.0124 0x1604 usbccgp - ok 20:49:51.0124 0x1604 usbcir - ok 20:49:51.0124 0x1604 usbehci - ok 20:49:51.0124 0x1604 usbhub - ok 20:49:51.0139 0x1604 USBHUB3 - ok 20:49:51.0139 0x1604 usbohci - ok 20:49:51.0139 0x1604 usbprint - ok 20:49:51.0139 0x1604 [ 923CA145CD0A9DFBA4CBBA60AB684C2C, EFAA1E730802490E9A53718D70484832A38345FE0A670937FC546FD245DF2CC9 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 20:49:51.0155 0x1604 usbscan - ok 20:49:51.0155 0x1604 usbser - ok 20:49:51.0155 0x1604 USBSTOR - ok 20:49:51.0155 0x1604 usbuhci - ok 20:49:51.0170 0x1604 USBXHCI - ok 20:49:51.0170 0x1604 UserDataSvc - ok 20:49:51.0170 0x1604 UserManager - ok 20:49:51.0170 0x1604 UsoSvc - ok 20:49:51.0170 0x1604 VaultSvc - ok 20:49:51.0170 0x1604 [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\WINDOWS\System32\drivers\VClone.sys 20:49:51.0186 0x1604 VClone - ok 20:49:51.0186 0x1604 vdrvroot - ok 20:49:51.0186 0x1604 vds - ok 20:49:51.0186 0x1604 VerifierExt - ok 20:49:51.0186 0x1604 vhdmp - ok 20:49:51.0202 0x1604 vhf - ok 20:49:51.0202 0x1604 vmbus - ok 20:49:51.0202 0x1604 VMBusHID - ok 20:49:51.0202 0x1604 vmicguestinterface - ok 20:49:51.0202 0x1604 vmicheartbeat - ok 20:49:51.0202 0x1604 vmickvpexchange - ok 20:49:51.0202 0x1604 vmicrdv - ok 20:49:51.0217 0x1604 vmicshutdown - ok 20:49:51.0217 0x1604 vmictimesync - ok 20:49:51.0217 0x1604 vmicvmsession - ok 20:49:51.0217 0x1604 vmicvss - ok 20:49:51.0217 0x1604 volmgr - ok 20:49:51.0217 0x1604 volmgrx - ok 20:49:51.0217 0x1604 volsnap - ok 20:49:51.0217 0x1604 vpci - ok 20:49:51.0233 0x1604 vsmraid - ok 20:49:51.0233 0x1604 VSS - ok 20:49:51.0233 0x1604 VSTXRAID - ok 
20:49:51.0233 0x1604 vwifibus - ok 20:49:51.0233 0x1604 vwififlt - ok 20:49:51.0233 0x1604 W32Time - ok 20:49:51.0233 0x1604 w3logsvc - ok 20:49:51.0249 0x1604 W3SVC - ok 20:49:51.0249 0x1604 WacomPen - ok 20:49:51.0249 0x1604 WalletService - ok 20:49:51.0249 0x1604 wanarp - ok 20:49:51.0249 0x1604 wanarpv6 - ok 20:49:51.0249 0x1604 WAS - ok 20:49:51.0249 0x1604 wbengine - ok 20:49:51.0264 0x1604 WbioSrvc - ok 20:49:51.0264 0x1604 Wcmsvc - ok 20:49:51.0264 0x1604 wcncsvc - ok 20:49:51.0264 0x1604 WcsPlugInService - ok 20:49:51.0264 0x1604 WdBoot - ok 20:49:51.0264 0x1604 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam64.sys 20:49:51.0280 0x1604 WDC_SAM - detected UnsignedFile.Multi.Generic ( 1 ) 20:49:53.0858 0x1604 Detect skipped due to KSN trusted 20:49:53.0858 0x1604 WDC_SAM - ok 20:49:53.0858 0x1604 Wdf01000 - ok 20:49:53.0858 0x1604 WdFilter - ok 20:49:53.0874 0x1604 WdiServiceHost - ok 20:49:53.0874 0x1604 WdiSystemHost - ok 20:49:53.0874 0x1604 wdiwifi - ok 20:49:53.0874 0x1604 WdNisDrv - ok 20:49:53.0874 0x1604 WdNisSvc - ok 20:49:53.0874 0x1604 WebClient - ok 20:49:53.0889 0x1604 Wecsvc - ok 20:49:53.0889 0x1604 WEPHOSTSVC - ok 20:49:53.0889 0x1604 wercplsupport - ok 20:49:53.0889 0x1604 WerSvc - ok 20:49:53.0889 0x1604 wfpcapture - ok 20:49:53.0889 0x1604 WFPLWFS - ok 20:49:53.0889 0x1604 WiaRpc - ok 20:49:53.0905 0x1604 WIMMount - ok 20:49:53.0905 0x1604 WinDefend - ok 20:49:53.0905 0x1604 WindowsTrustedRT - ok 20:49:53.0905 0x1604 WindowsTrustedRTProxy - ok 20:49:53.0905 0x1604 WinHttpAutoProxySvc - ok 20:49:53.0905 0x1604 WinMad - ok 20:49:53.0921 0x1604 Winmgmt - ok 20:49:53.0921 0x1604 WinRM - ok 20:49:53.0921 0x1604 WINUSB - ok 20:49:53.0921 0x1604 WinVerbs - ok 20:49:53.0921 0x1604 WlanSvc - ok 20:49:53.0936 0x1604 wlidsvc - ok 20:49:53.0936 0x1604 WmiAcpi - ok 20:49:53.0936 0x1604 wmiApSrv - ok 20:49:53.0936 0x1604 WMPNetworkSvc - ok 20:49:53.0936 
0x1604 [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 20:49:53.0952 0x1604 Wof - ok 20:49:53.0952 0x1604 workfolderssvc - ok 20:49:53.0968 0x1604 wpcfltr - ok 20:49:53.0968 0x1604 WPDBusEnum - ok 20:49:53.0968 0x1604 WpdUpFltr - ok 20:49:53.0968 0x1604 WpnService - ok 20:49:53.0968 0x1604 ws2ifsl - ok 20:49:53.0968 0x1604 wscsvc - ok 20:49:53.0983 0x1604 WSDPrintDevice - ok 20:49:53.0983 0x1604 WSDScan - ok 20:49:53.0983 0x1604 WSearch - ok 20:49:53.0983 0x1604 WSService - ok 20:49:53.0983 0x1604 wuauserv - ok 20:49:53.0983 0x1604 WudfPf - ok 20:49:53.0983 0x1604 WUDFRd - ok 20:49:53.0999 0x1604 wudfsvc - ok 20:49:53.0999 0x1604 WUDFWpdFs - ok 20:49:53.0999 0x1604 WUDFWpdMtp - ok 20:49:53.0999 0x1604 WwanSvc - ok 20:49:53.0999 0x1604 XblAuthManager - ok 20:49:53.0999 0x1604 XblGameSave - ok 20:49:53.0999 0x1604 xboxgip - ok 20:49:54.0014 0x1604 XboxNetApiSvc - ok 20:49:54.0014 0x1604 xinputhid - ok 20:49:54.0014 0x1604 ================ Scan global =============================== 20:49:54.0014 0x1604 [ Global ] - ok 20:49:54.0014 0x1604 ================ Scan MBR ================================== 20:49:54.0030 0x1604 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 20:49:54.0077 0x1604 \Device\Harddisk1\DR1 - ok 20:49:54.0093 0x1604 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:49:54.0139 0x1604 \Device\Harddisk0\DR0 - ok 20:49:54.0139 0x1604 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk3\DR6 20:49:56.0436 0x08a8 Object required for P2P: [ 6C4B9A2FF6924405E9ABFB558049D4DD ] Avira.ServiceHost 20:49:59.0046 0x08a8 Object send P2P result: true 20:50:09.0328 0x1604 \Device\Harddisk3\DR6 - ok 20:50:09.0328 0x1604 ================ Scan VBR ================================== 20:50:09.0328 0x1604 [ 973DDF31079870D593DC55370A3CB556 ] \Device\Harddisk1\DR1\Partition1 20:50:09.0391 0x1604 \Device\Harddisk1\DR1\Partition1 - ok 20:50:09.0391 0x1604 [ 
EBBC691C6069DC9B364010CF52A544AD ] \Device\Harddisk0\DR0\Partition1 20:50:09.0391 0x1604 \Device\Harddisk0\DR0\Partition1 - ok 20:50:09.0406 0x1604 [ 1AB3A1643810DD57038726C815B7C13E ] \Device\Harddisk0\DR0\Partition2 20:50:09.0406 0x1604 \Device\Harddisk0\DR0\Partition2 - ok 20:50:09.0406 0x1604 [ DDE13821C97AA8CDAE7690EC527D80CE ] \Device\Harddisk3\DR6\Partition1 20:50:09.0406 0x1604 \Device\Harddisk3\DR6\Partition1 - ok 20:50:09.0406 0x1604 ================ Scan generic autorun ====================== 20:50:09.0406 0x1604 [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\WINDOWS\system32\igfxtray.exe 20:50:09.0422 0x1604 IgfxTray - ok 20:50:09.0438 0x1604 [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\WINDOWS\system32\hkcmd.exe 20:50:09.0453 0x1604 HotKeysCmds - ok 20:50:09.0453 0x1604 [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\WINDOWS\system32\igfxpers.exe 20:50:09.0469 0x1604 Persistence - ok 20:50:09.0469 0x1604 AtherosBtStack - ok 20:50:09.0484 0x1604 [ A1D17BD52F1A2E387EEE1C6543AC2671, AC33526CD009790C2EC229F1F87C8B7BDCEF12A281953CC92B124014B00361B1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 20:50:09.0500 0x1604 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 ) 20:50:12.0063 0x1604 Detect skipped due to KSN trusted 20:50:12.0063 0x1604 AthBtTray - ok 20:50:12.0125 0x1604 [ C902E1F9ADE0A77B4AA6BB124A9589C8, EA4F9B234780241248AE3AB791A0DBD44B8C96F75A44C9B6856B4E94068B2C47 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 20:50:12.0172 0x1604 CanonMyPrinter - ok 20:50:12.0313 0x1604 [ 7B9FC09115322E2F781B80592CF24CE4, 4CA9565667695E940A48CD08675F25969485491FBABF4073D7A181C1C4AD33A1 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 20:50:12.0469 0x1604 RTHDVCPL - ok 20:50:12.0500 0x1604 [ 4FE3D28F99BCA7976C04E7985BAE7BC2, 
3371734E66FB55F4E9883D7DEAE9429938724D8B576726298E524F3787E180F1 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 20:50:12.0532 0x1604 RtHDVBg_DTS - ok 20:50:12.0532 0x1604 [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe 20:50:12.0547 0x1604 iTunesHelper - ok 20:50:12.0547 0x1604 [ F96C73D7D525174B80CFD865A5D7E083, 06E7ACA4B9496CF0505F623DC4516A893E7A70EA37EAB27EA943C8831D221F40 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 20:50:12.0563 0x1604 IAStorIcon - ok 20:50:12.0563 0x1604 [ FC77F245431D4DA5A9E2A53F3A14B162, 5D45F1AD5492703861873A38FE87F4B8EBBD2DEE3DCFB075D35A362212DF9B04 ] C:\Windows\RaidTool\xInsIDE.exe 20:50:12.0563 0x1604 JMB36X IDE Setup - ok 20:50:12.0563 0x1604 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 20:50:12.0579 0x1604 NUSB3MON - ok 20:50:12.0594 0x1604 [ A3A9E5888143F3DAB803B007393D791F, 42435F0AF4C942F4F05EB80B36188951A8BEAB3E50F67FCDB1FF8B52A04890C0 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe 20:50:12.0610 0x1604 AdobeCS4ServiceManager - ok 20:50:12.0610 0x1604 [ AEB3E8A6308604C3490A36D06D6685DC, CAFAE7697261CDA6934E324FC45D893BB452F23A1196FECC6930B72FFA8A2738 ] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe 20:50:12.0625 0x1604 Adobe Acrobat Speed Launcher - ok 20:50:12.0641 0x1604 [ B41D1BDB8673873AB25B7540E9B433F1, 846D9541C1260FB9425AF22C1753FD3C9F27D369DD43E51EBE5C8BBB02633E4A ] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe 20:50:12.0641 0x1604 Acrobat Assistant 8.0 - ok 20:50:12.0657 0x1604 [ 5E5637173FDD195AD51F0C7223CA1D29, 4D2A3CFF3273F0074540F4AFD957742F76D3F01C35272A42985A825651BA17E4 ] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE 20:50:12.0672 0x1604 
Adobe_ID0ENQBO - ok 20:50:12.0688 0x1604 [ EE476C51FE76EAAA1496446B97ED7F5E, 1ECF454A38A6BDE5DD93AD3F09DCCBD36F748F23094F31FC2EB50A1FA7D9BED1 ] C:\Program Files (x86)\QNAP\NetBak\NetBak.exe 20:50:12.0704 0x1604 QNAP_NASNetBak - detected UnsignedFile.Multi.Generic ( 1 ) 20:50:15.0266 0x1604 Detect skipped due to KSN trusted 20:50:15.0266 0x1604 QNAP_NASNetBak - ok 20:50:15.0282 0x1604 [ 9F3B239443E7AF5840454D8D3A0772CF, 82E135AA844B3170D030CE27259BF7BACBA1FA18670C10B74BD3F402CA9AD29E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 20:50:15.0282 0x1604 APSDaemon - ok 20:50:15.0298 0x1604 [ 2A21FE60A9BC5247BD8C57409A2B97F8, 6C9851684FB90AB6038A326F4B362C1948DF2173063CA198DCEAEA6BFAC636E0 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 20:50:15.0298 0x1604 VirtualCloneDrive - ok 20:50:15.0313 0x1604 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 20:50:15.0344 0x1604 avgnt - ok 20:50:15.0344 0x1604 [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 20:50:15.0344 0x1604 Avira SystrayStartTrigger - ok 20:50:15.0360 0x1604 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 20:50:15.0376 0x1604 SunJavaUpdateSched - ok 20:50:15.0391 0x1604 [ 247FD3171B3E08CFCC8ACB540818CA15, 7F1195A40187C04CEE532B258421A3422AACA16BE54FD55F12966DC00FDBDCC4 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 20:50:15.0407 0x1604 IJNetworkScannerSelectorEX - ok 20:50:15.0423 0x1604 [ 363D0C08A159AE50E38F662E16483B50, 340010E6CF05B274D53730642B96F6A83045501D5E276A88D3AA7FB465B955E1 ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE 20:50:15.0454 0x1604 CanonQuickMenu - 
ok 20:50:15.0469 0x1604 OneDriveSetup - ok 20:50:15.0469 0x1604 OneDriveSetup - ok 20:50:15.0501 0x1604 [ 406C301F96669A813B25FB1A20A188AB, 87587C0F90A96754EF067592B98E83690FDF62C2B6AAE44AF9CBBE54599A424A ] C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe 20:50:15.0563 0x1604 Remote Control Editor - detected UnsignedFile.Multi.Generic ( 1 ) 20:50:18.0470 0x1604 Detect skipped due to KSN trusted 20:50:18.0470 0x1604 Remote Control Editor - ok 20:50:18.0501 0x1604 [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Armin\AppData\Local\Dropbox\Update\DropboxUpdate.exe 20:50:18.0517 0x1604 Dropbox Update - ok 20:50:18.0532 0x1604 [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Armin\AppData\Local\Microsoft\OneDrive\OneDrive.exe 20:50:18.0548 0x1604 OneDrive - ok 20:50:18.0548 0x1604 OneDriveSetup - ok 20:50:18.0548 0x1604 WAB Migrate - ok 20:50:18.0548 0x1604 OneDriveSetup - ok 20:50:18.0548 0x1604 WAB Migrate - ok 20:50:18.0548 0x1604 OneDriveSetup - ok 20:50:18.0548 0x1604 WAB Migrate - ok 20:50:18.0548 0x1604 OneDriveSetup - ok 20:50:18.0548 0x1604 Waiting for KSN requests completion. In queue: 23 20:50:19.0564 0x1604 Waiting for KSN requests completion. In queue: 23 20:50:20.0564 0x1604 Waiting for KSN requests completion. In queue: 23 20:50:21.0158 0x09fc Object required for P2P: [ 7B9FC09115322E2F781B80592CF24CE4 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 20:50:21.0564 0x1604 Waiting for KSN requests completion. In queue: 19 20:50:22.0579 0x1604 Waiting for KSN requests completion. In queue: 19 20:50:23.0580 0x1604 Waiting for KSN requests completion. 
In queue: 19 20:50:23.0658 0x09fc Object send P2P result: true 20:50:24.0595 0x1604 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated ) 20:50:24.0611 0x1604 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x62100 ( disabled : updated ) 20:50:24.0611 0x1604 Win FW state via NFP2: enabled ( trusted ) 20:50:27.0111 0x1604 ============================================================ 20:50:27.0111 0x1604 Scan finished 20:50:27.0111 0x1604 ============================================================ 20:50:27.0111 0x1254 Detected object count: 0 20:50:27.0111 0x1254 Actual detected object count: 0 |
22.11.2015, 07:32 | #4 |
/// the machine /// TB trainer | Telekom Abuse Report Bedep Same set of log files from the next computer, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and Help Trojaner-Board Facebook page No help via PM! |
22.11.2015, 10:43 | #5 |
| Telekom Abuse Report Bedep Hi there, on the next computer the virus scanner also found something and deleted something after a reboot: Code:
ATTFilter Free Antivirus Erstellungsdatum der Reportdatei: Freitag, 20. November 2015 19:21 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira Antivirus Free Seriennummer : 0000149996-AVHOE-0000001 Plattform : Windows 7 Professional Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : Armin Computername : T430 Versionsinformationen: BUILD.DAT : 15.0.13.210 92152 Bytes 05.10.2015 15:51:00 AVSCAN.EXE : 15.0.13.202 1183208 Bytes 15.10.2015 11:22:11 AVSCANRC.DLL : 15.0.13.158 67688 Bytes 15.10.2015 11:22:11 LUKE.DLL : 15.0.13.190 69248 Bytes 15.10.2015 11:24:52 AVSCPLR.DLL : 15.0.13.202 106352 Bytes 15.10.2015 11:22:11 REPAIR.DLL : 15.0.13.193 517328 Bytes 15.10.2015 11:22:06 REPAIR.RDF : 1.0.12.6 1282434 Bytes 16.11.2015 18:12:21 AVREG.DLL : 15.0.13.193 339632 Bytes 15.10.2015 11:22:04 AVLODE.DLL : 15.0.13.193 633688 Bytes 15.10.2015 11:21:55 AVLODE.RDF : 14.0.5.6 84211 Bytes 31.08.2015 15:06:30
Engineversion : 8.3.34.72 AEBB.DLL : 8.1.2.0 60448 Bytes 11.08.2014 08:33:57 AECORE.DLL : 8.3.9.0 249920 Bytes 14.11.2015 16:11:11 AEDROID.DLL : 8.4.3.348 1800104 Bytes 08.11.2015 12:41:08 AEEMU.DLL : 8.1.3.4 399264 Bytes 11.08.2014 08:34:00 AEEXP.DLL : 8.4.2.134 277360 Bytes 14.11.2015 16:11:41 AEGEN.DLL : 8.1.8.2 482424 Bytes 14.11.2015 16:11:13 AEHELP.DLL : 8.3.2.2 281456 Bytes 29.06.2015 13:25:03 AEHEUR.DLL : 8.1.4.2040 9915248 Bytes 14.11.2015 16:11:38 AEMOBILE.DLL : 8.1.8.8 300968 Bytes 08.11.2015 12:41:11 AEOFFICE.DLL : 8.3.1.56 408432 Bytes 19.10.2015 15:19:06 AEPACK.DLL : 8.4.1.18 802880 Bytes 28.10.2015 11:36:12 AERDL.DLL : 8.2.1.38 813928 Bytes 08.11.2015 12:40:35 AESBX.DLL : 8.2.21.2 1629032 Bytes 08.11.2015 12:40:52 AESCN.DLL : 8.3.4.0 141216 Bytes 14.11.2015 16:11:39 AESCRIPT.DLL : 8.3.0.2 538536 Bytes 14.11.2015 16:11:41 AEVDF.DLL : 8.3.2.2 141216 Bytes 25.08.2015 17:52:39 AVWINLL.DLL : 15.0.13.158 29600 Bytes 15.10.2015 11:21:40 AVPREF.DLL : 15.0.13.158 55864 Bytes 15.10.2015 11:22:02 AVREP.DLL : 15.0.13.158 225320 Bytes 15.10.2015 11:22:05 AVARKT.DLL : 15.0.13.158 232000 Bytes 15.10.2015 11:21:42 AVEVTLOG.DLL : 15.0.13.190 202112 Bytes 15.10.2015 11:21:48 SQLITE3.DLL : 15.0.13.158 461672 Bytes 15.10.2015 11:25:16 AVSMTP.DLL : 15.0.13.158 82120 Bytes 15.10.2015 11:22:13 NETNT.DLL : 15.0.13.158 18792 Bytes 15.10.2015 11:24:54 CommonImageRc.dll: 15.0.13.190 4308216 Bytes 15.10.2015 11:21:40 CommonTextRc.dll: 15.0.13.158 70784 Bytes 15.10.2015 11:21:40 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Prüfung Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein 
Bootsektoren..........................: C:, Q:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Freitag, 20. November 2015 19:21 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C:, Q:)' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'ibmpmsvc.exe' - '16' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'nvSCPAPISvr.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '112' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '148' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'WUDFHost.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'WUDFHost.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht Durchsuche Prozess 'WLANExt.exe' - '83' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'upeksvr.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '96' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' 
- '84' Modul(e) wurden durchsucht Durchsuche Prozess 'AcPrfMgrSvc.exe' - '80' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht Durchsuche Prozess 'AppleMobileDeviceService.exe' - '71' Modul(e) wurden durchsucht Durchsuche Prozess 'mDNSResponder.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'btwdins.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'EvtEng.exe' - '70' Modul(e) wurden durchsucht Durchsuche Prozess 'FBService.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'HeciServer.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'jhi_service.exe' - '48' Modul(e) wurden durchsucht Durchsuche Prozess 'CAMMUTE.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'TPKNRSVC.exe' - '24' Modul(e) wurden durchsucht Durchsuche Prozess 'vcamsvc.exe' - '71' Modul(e) wurden durchsucht Durchsuche Prozess 'lvvsst.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'NitroPDFDriverService2x64.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'HelperService.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'ConversionService.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'RegSrvc.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'TPHKSVC.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '197' Modul(e) wurden durchsucht Durchsuche Prozess 'ULCDRSvr.exe' - '14' Modul(e) wurden durchsucht Durchsuche Prozess 'nvxdsync.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'tpnumlkd.exe' - '46' Modul(e) wurden durchsucht Durchsuche Prozess 
'avshadow.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'WebUpdateSvc4.exe' - '56' Modul(e) wurden durchsucht Durchsuche Prozess 'virtscrl.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSVC.EXE' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'mini_WMCore.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'ZeroConfigService.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'AcSvc.exe' - '108' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSvcM.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'unsecapp.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.ServiceHost.exe' - '135' Modul(e) wurden durchsucht Durchsuche Prozess 'MICMUTE.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'TPHKLOAD.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '19' Modul(e) wurden durchsucht Durchsuche Prozess 'TPONSCR.EXE' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '106' Modul(e) wurden durchsucht Durchsuche Prozess 'nvtray.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'igfxext.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'igfxsrvc.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'SvcGuiHlpr.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'RAVCpl64.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'RAVBg64.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'hkcmd.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'igfxpers.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPEnh.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'TpShocks.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 
'TpKnrres.exe' - '75' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPLpr.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'unsecapp.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'BTTray.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'RCIMGDIR.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'iusb3mon.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'pcee4.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '78' Modul(e) wurden durchsucht Durchsuche Prozess 'KiesTrayAgent.exe' - '72' Modul(e) wurden durchsucht Durchsuche Prozess 'CNMNSUT.EXE' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'NetBak.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'MobileAccess.exe' - '140' Modul(e) wurden durchsucht Durchsuche Prozess 'iTunesHelper.exe' - '83' Modul(e) wurden durchsucht Durchsuche Prozess 'SYNTPHELPER.EXE' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'SCHTASK.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '113' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.Systray.exe' - '142' Modul(e) wurden durchsucht Durchsuche Prozess 'RunDll32.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'iPodService.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'BtStackServer.exe' - '75' Modul(e) wurden durchsucht Durchsuche Prozess 'PresentationFontCache.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'LSCNotify.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'mcplaunch.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'LMS.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'MacheenService.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'daemonu.exe' - '79' Modul(e) wurden durchsucht Durchsuche Prozess 'PsiService_2.exe' - '27' Modul(e) wurden durchsucht 
Durchsuche Prozess 'VIPAppService.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'UNS.exe' - '95' Modul(e) wurden durchsucht Durchsuche Prozess 'DZSVC64.EXE' - '11' Modul(e) wurden durchsucht Durchsuche Prozess 'PrivacyIconClient.exe' - '93' Modul(e) wurden durchsucht Durchsuche Prozess 'VIPUIManager.exe' - '71' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '140' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '121' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '90' Modul(e) wurden durchsucht Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '2056' Dateien ). 
Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <Windows7_OS> [0] Archivtyp: RSRC --> C:\Program Files\ThinkVantage Fingerprint Software\Drivers\WUDFUpdate_01009.dll [1] Archivtyp: RSRC --> C:\Users\Armin\AppData\Local\Temp\is-3PC3Q.tmp\PDFCreator-Setup.exe [2] Archivtyp: Inno Setup --> {tmp}\OCSetupHlp.dll [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Armin\AppData\Local\Temp\is-3PC3Q.tmp\PDFCreator-Setup.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen --> C:\Users\Armin\AppData\Local\Temp\is-R64AP.tmp\PDFCreator-Setup.exe [2] Archivtyp: Inno Setup --> {tmp}\OCSetupHlp.dll [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Armin\AppData\Local\Temp\is-R64AP.tmp\PDFCreator-Setup.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen Beginne mit der Suche in 'Q:\' <Lenovo_Recovery> Beginne mit der Desinfektion: C:\Users\Armin\AppData\Local\Temp\is-R64AP.tmp\PDFCreator-Setup.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! [WARNUNG] Fehler in der ARK Library [HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert. [HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet. C:\Users\Armin\AppData\Local\Temp\is-3PC3Q.tmp\PDFCreator-Setup.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! [WARNUNG] Fehler in der ARK Library [HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert. [HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet. Ende des Suchlaufs: Freitag, 20. November 2015 22:07 Benötigte Zeit: 1:27:31 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 
37795 Verzeichnisse wurden überprüft
1033908 Dateien wurden geprüft
4 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1033904 Dateien ohne Befall
13497 Archive wurden durchsucht
4 Warnungen
2 Hinweise
986654 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Die Reparaturanweisungen wurden in die Datei 'C:\avrescue\rescue.avp' geschrieben. |
22.11.2015, 10:48 | #6 |
| Telekom Abuse Report Bedep Attached is the FRST log file: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015 durchgeführt von Armin (Administrator) auf T430 (22-11-2015 09:51:10) Gestartet von D:\trojaner-board Win7 Geladene Profile: UpdatusUser & Armin (Verfügbare Profile: UpdatusUser & Armin & Karin & Sandra) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) 
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) 
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\NetBak\NetBak.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE () D:\trojaner-board Win7\Defogger.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [64608 2012-05-30] (Lenovo) HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-04-27] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.) HKLM-x32\...\Run: [QNAP_NASNetBak] => C:\Program Files (x86)\QNAP\NetBak\NetBak.exe [720896 2009-07-10] (QNAP Systems, Inc.) HKLM-x32\...\Run: [MobileAccess] => C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-04-17] (Lenovo) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [955280 2012-04-27] (Samsung) HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\...\MountPoints2: {dd809655-1194-11e2-a2cb-806e6f6e6963} - Q:\LenovoQDrive.exe Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) 
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-08] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{09023800-BAC1-40CB-BEAB-E946F2F2E0B5}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKU\S-1-5-21-4279511978-3708048889-3883205738-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE518 SearchScopes: HKU\S-1-5-21-4279511978-3708048889-3883205738-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE518 BHO: Windows Live ID Sign-in 
Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-12-14] (pdfforge GbR) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.) 
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2012-12-14] (pdfforge GbR) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.) Toolbar: HKU\S-1-5-21-4279511978-3708048889-3883205738-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows 
Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-31] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-31] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-4279511978-3708048889-3883205738-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [Keine Datei] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-12] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-10-08] [ist nicht signiert] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\gcswf32.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\pdf.dll => Keine Datei CHR Plugin: (Norton Confidential) - C:\Users\Armin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( ) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Profile: C:\Users\Armin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Armin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-27] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Armin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag 
in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-15] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-15] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.) R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] () R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522912 2012-12-14] (pdfforge GbR) R2 PDF 
Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [906464 2012-12-14] (pdfforge GbR) R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [Datei ist nicht signiert] R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation) R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-15] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.) 
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB) S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider) R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB) R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [249192 2012-05-31] (NVIDIA Corporation) R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility) R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-20 19:02 - 2015-11-22 09:51 - 00000000 ____D C:\FRST 2015-11-20 19:02 - 2015-11-20 19:02 - 00000000 _____ C:\Users\Armin\defogger_reenable 2015-11-12 12:48 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 17:19 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-11 17:19 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-11 17:19 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 17:19 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-11 17:19 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-11 17:19 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 17:19 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-11 17:19 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-11 17:19 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-11 17:19 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 17:19 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-11 17:19 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-11 17:19 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-11 17:19 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-11 17:19 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-11 17:19 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwcollector.exe 2015-11-11 17:19 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 17:19 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 17:19 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-11 17:19 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-11 17:19 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-11 17:19 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-11 17:19 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 17:19 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 17:19 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-11 17:19 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-11 17:19 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 17:19 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-11 17:19 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-11 17:19 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-11 17:19 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-11 17:19 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-11 17:19 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-11 17:19 - 2015-10-30 23:42 - 02279936 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 17:19 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-11 17:19 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-11 17:19 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-11 17:19 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 17:19 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-11-11 17:19 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-11 17:19 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-11 17:19 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 17:19 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 17:19 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-11 17:19 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-11 17:19 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-11 17:19 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-11 17:19 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 17:19 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-11-11 17:19 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-11 17:19 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-11 17:19 - 2015-10-30 23:17 - 02487808 _____ 
(Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 17:19 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-11-11 17:19 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 17:19 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-11-11 17:19 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 17:19 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 17:19 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-11 17:19 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-11 17:19 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 17:19 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 17:19 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 17:19 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 17:19 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) 
C:\Windows\system32\wups2.dll 2015-11-11 17:16 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-11 17:16 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 17:16 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-11 17:16 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 17:16 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-11 17:16 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 17:16 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 17:16 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 17:16 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-11 17:16 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 17:10 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 17:10 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 17:10 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-11 17:10 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-11 17:10 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-11-11 17:10 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-11-11 17:10 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-11-11 17:10 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) 
C:\Windows\system32\wow64cpu.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-11 17:10 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-11 17:10 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 
2015-11-11 17:10 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-11 17:10 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-11-11 17:10 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-11-11 17:10 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-11 17:10 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-11 17:10 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-11 17:10 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-11 17:10 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-11 17:10 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00036864 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-11 17:10 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-11 17:10 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-11 17:10 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-11 17:10 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-11 17:10 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-11 17:10 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-11 17:10 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-11 17:10 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-11 17:10 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-11 17:10 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 
2015-11-11 17:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 17:10 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-11 17:10 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 17:10 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-11-11 17:10 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-11-11 17:10 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 17:10 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-11 17:10 - 2015-10-13 17:41 - 00497664 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:10 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:10 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 17:10 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 17:10 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 17:10 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 17:10 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:10 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:10 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-22 09:43 - 2013-01-12 15:38 - 00000000 ____D C:\Users\Armin\AppData\Roaming\Nitro PDF
2015-11-22 09:43 - 2012-10-09 09:02 - 00669012 _____ C:\Windows\system32\perfh007.dat
2015-11-22 09:43 - 2012-10-09 09:02 - 00134796 _____ C:\Windows\system32\perfc007.dat
2015-11-22 09:43 - 2009-07-14 06:13 - 01527002 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-22 09:41 - 2012-10-08 23:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 09:38 - 2009-07-14 05:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-22 09:38 - 2009-07-14 05:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-22 09:34 - 2012-10-08 23:15 - 01385119 _____ C:\Windows\WindowsUpdate.log
2015-11-22 09:30 - 2012-10-08 23:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-22 09:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-22 09:30 - 2009-07-14 05:51 - 00012004 _____ C:\Windows\setupact.log
2015-11-21 07:12 - 2012-10-08 23:33 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 22:08 - 2010-11-21 04:47 - 00736754 _____ C:\Windows\PFRO.log
2015-11-20 19:08 - 2013-01-12 15:35 - 00000000 ____D C:\Users\Armin\AppData\LocalLow\VeriSign
2015-11-20 19:02 - 2013-01-12 15:31 - 00000000 ____D C:\Users\Armin
2015-11-16 19:13 - 2013-01-12 18:27 - 00000000 ____D C:\Users\Sandra\AppData\LocalLow\VeriSign
2015-11-16 19:06 - 2013-01-12 18:26 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Nitro PDF
2015-11-14 17:23 - 2013-01-12 18:24 - 00000000 ____D C:\Users\Sandra\AppData\Local\MobileAccess
2015-11-14 17:00 - 2009-07-14 05:45 - 00367024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 13:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 22:41 - 2013-08-14 22:48 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 22:37 - 2013-07-10 12:20 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 22:32 - 2011-12-08 21:43 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-10 12:09 - 2014-05-31 18:43 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-10 12:09 - 2014-05-31 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-08 13:29 - 2013-01-13 17:40 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\NetBak
2015-11-04 17:15 - 2013-03-03 20:44 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-12 15:35 - 2014-01-15 19:31 - 0000313 _____ () C:\ProgramData\LastUpdate.xml

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Sandra\vlc-1.1.0-win32.exe

Einige Dateien in TEMP:
====================
C:\Users\Armin\AppData\Local\Temp\AskSLib.dll
C:\Users\Armin\AppData\Local\Temp\avgnt.exe
C:\Users\Karin\AppData\Local\Temp\AskSLib.dll
C:\Users\Sandra\AppData\Local\Temp\AskSLib.dll
C:\Users\Sandra\AppData\Local\Temp\avgnt.exe
C:\Users\Sandra\AppData\Local\Temp\install_flashplayer11x32ax_gtba_chra_dy_aaa_aih.exe
C:\Users\Sandra\AppData\Local\Temp\vdvwivdn.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-20 21:10

==================== Ende von FRST.txt ============================

and Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Armin (2015-11-22 09:51:47)
Gestartet von D:\trojaner-board Win7
Windows 7 Professional Service Pack 1 (X64) (2013-01-12 14:31:23)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4279511978-3708048889-3883205738-500 - Administrator - Disabled)
Armin (S-1-5-21-4279511978-3708048889-3883205738-1001 - Administrator - Enabled) => C:\Users\Armin
Gast (S-1-5-21-4279511978-3708048889-3883205738-501 - Limited - Disabled)
Karin (S-1-5-21-4279511978-3708048889-3883205738-1002 - Limited - Enabled) => C:\Users\Karin
Sandra (S-1-5-21-4279511978-3708048889-3883205738-1003 - Administrator - Enabled) => C:\Users\Sandra
UpdatusUser (S-1-5-21-4279511978-3708048889-3883205738-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.72.00 - ) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - ) Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - ) Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version: - ) Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.4.510611 - NNG Llc.) 
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - ) Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2725 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) 
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Mobile Access (HKLM-x32\...\{4DD171A1-70FB-48EE-8844-98A7AA4C8DCC}) (Version: 3.2.30417.1301 - Lenovo) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM\...\{3849486C-FF09-4F5D-B491-3E179D58EE15}) (Version: 3.1.0004.00 - Lenovo Group Limited) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) 
(Version: - Microsoft) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB) MSXML 4.0 SP2 (KB954430) 
(HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software) NVIDIA 3D Vision Treiber 296.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.88 - NVIDIA Corporation) NVIDIA Grafiktreiber 296.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation) NVIDIA Update 1.7.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.13 - NVIDIA Corporation) PDF Architect (HKLM-x32\...\{09531CAE-B186-49A9-B44F-C607CC54FA2A}) (Version: 1.0.51.8724 - pdfforge) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge) QNAP NetBak Replicator (HKLM-x32\...\QNAP_NASNetBak) (Version: - ) RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6617 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.1.12044_18 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.3.1.12044_18 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.) SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation) ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - ) ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{479016BF-5B8D-445F-BE15-A187F25D81C8}) (Version: 5.9.6.7084 - Authentec Inc.) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel) Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) 
Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 22-10-2015 20:34:18 Geplanter Prüfpunkt 30-10-2015 13:24:50 Geplanter Prüfpunkt 08-11-2015 14:22:07 Geplanter Prüfpunkt 11-11-2015 22:27:57 Windows Update 12-11-2015 16:47:09 Windows Update 20-11-2015 21:17:27 Geplanter Prüfpunkt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {005664AE-9AD1-4B7D-A863-93EE646D718B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) 
Task: {0150359F-702B-42BF-95D0-A1A1294E9F44} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {0EBF9111-8127-48D5-BD99-6043C6B375A8} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for T430.Sandra => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo) Task: {4B6CDBB4-1F46-45FA-B6E0-CACE606C9C5A} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo) Task: {8426797D-8C50-455E-8229-AB418E5BD6D4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {BFBCD914-F2AB-4BDC-81D0-9BA04C69EF62} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited) Task: {C6DA47CC-CA3C-461D-BAA3-68924F407B07} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-05-16] (Lenovo) Task: {D78709AC-3762-4C58-B9E1-37650AC92DBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {DF3A723A-AFCD-48F1-A1C1-59C6C783DBD3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {E13AD73A-8D9E-46FB-8D3E-A47C350D922E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {FE7B5AD3-DC88-476A-A295-663DD82DBD7E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-10-08 23:25 - 2012-05-15 22:32 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2012-10-08 23:21 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-11-20 18:54 - 2015-11-20 16:24 - 00050477 _____ () D:\trojaner-board Win7\Defogger.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-10-08 23:30 - 2012-01-17 07:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll 2012-10-08 23:26 - 2011-08-02 03:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2012-10-08 23:26 - 2011-08-02 03:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2012-10-08 23:20 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2012-05-30 16:32 - 2012-05-30 16:32 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2012-10-08 23:19 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4279511978-3708048889-3883205738-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{5BDC4FE6-E93B-4CCC-BC51-F4E88C3898FC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{4CE13AC2-4EE3-4450-9612-0CDD3F666266}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{75A7FBC2-0ED0-436C-B931-8234A29B5EE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0872FC13-CFE6-4553-B237-230C6E983D0E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E8A7E795-20F9-49B4-B0FE-DE57C181E5F8}] => (Allow) LPort=2869 FirewallRules: [{51F0AB41-3A02-48A6-A68E-8F83F4F367B3}] => (Allow) LPort=1900 FirewallRules: [{F004CB88-ABF3-42A0-89F8-FC2F42CECE4E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{03B5831B-AA70-4010-A106-AA8BA409C606}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{6004141C-678D-4D65-B781-85BFA7F685E5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [TCP Query User{860D9E72-C645-4D5B-B7F4-638FC34D5D41}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [UDP Query User{A32586E3-4036-48BE-ACA6-1933EF88DE2E}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [{7EBFFBAC-8834-4B80-8525-E51AA7D5D6A0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{9E29A118-92D3-44DA-9718-DE081F2ED00D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{F2E13F0F-BBB3-4AFC-94B7-4EA9DCB9CD46}C:\program files (x86)\qnap\netbak\netbak.exe] => (Allow) C:\program files (x86)\qnap\netbak\netbak.exe FirewallRules: [UDP Query 
User{5E5022CB-BF56-47D5-B653-C929E2D1AA1D}C:\program files (x86)\qnap\netbak\netbak.exe] => (Allow) C:\program files (x86)\qnap\netbak\netbak.exe FirewallRules: [TCP Query User{3651EE2D-19AA-4AFD-A6D5-B3D3831E2600}C:\users\sandra\appdata\roaming\icq\application\icq7.2\icq.exe] => (Block) C:\users\sandra\appdata\roaming\icq\application\icq7.2\icq.exe FirewallRules: [UDP Query User{E38EC3B7-EA9A-4353-82F5-C4EFD02E506E}C:\users\sandra\appdata\roaming\icq\application\icq7.2\icq.exe] => (Block) C:\users\sandra\appdata\roaming\icq\application\icq7.2\icq.exe FirewallRules: [{D5CECE61-7886-4885-A39F-BE578DB0F904}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A3F16A17-DF59-408C-B64A-17D3C3D5F52F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6329B99B-08A3-4826-830D-A4DB4FABA1EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CAFD7F5B-1D27-4B00-A7D2-C6A2B8474A4A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{57C5C5F7-9740-4F48-B204-60D14D8FBCA2}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{43723175-2122-4F3C-98E6-6EFBEA1A0B5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/22/2015 09:30:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2015 10:09:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2015 07:00:26 PM) (Source: WinMgmt) (EventID: 10) (User: 
) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/16/2015 07:02:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/15/2015 02:37:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/14/2015 05:01:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2015 00:37:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2015 04:55:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2015 05:51:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/10/2015 00:02:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (11/20/2015 10:17:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) 
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (11/20/2015 10:14:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. Error: (11/16/2015 07:54:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (11/16/2015 07:54:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error: (11/14/2015 06:43:30 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (11/14/2015 06:43:24 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252. Error: (11/14/2015 06:43:24 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252. Error: (11/14/2015 06:43:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (11/14/2015 06:43:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (11/08/2015 03:49:42 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252. 
CodeIntegrity: =================================== Date: 2013-03-29 17:30:14.661 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-05 19:56:39.536 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-05 19:54:32.083 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 7915.94 MB Verfügbarer physikalischer RAM: 5765.38 MB Summe virtueller Speicher: 15830.09 MB Verfügbarer virtueller Speicher: 13376.19 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:450.62 GB) (Free:245.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (VERBATIM) (Removable) (Total:117.16 GB) (Free:117.01 GB) FAT32 Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.33 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3770BDA0) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 117.2 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2015.11.22.01 rootkit: v2015.11.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18097
Armin :: T430 [administrator]
22.11.2015 09:57:52
mbar-log-2015-11-22 (09-57-52).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 477619
Time elapsed: 31 minute(s), 7 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end) |
22.11.2015, 10:52 | #7 |
| Telekom abuse report: Bedep and TDSSKiller: Code:
10:31:22.0613 0x170c TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
10:31:25.0343 0x170c =============================
10:31:25.0343 0x170c Current date / time: 2015/11/22 10:31:25.0343
10:31:25.0343 0x170c SystemInfo:
10:31:25.0343 0x170c
10:31:25.0343 0x170c OS Version: 6.1.7601 ServicePack: 1.0
10:31:25.0343 0x170c Product type: Workstation
10:31:25.0343 0x170c ComputerName: T430
10:31:25.0343 0x170c UserName: Armin
10:31:25.0343 0x170c Windows directory: C:\Windows
10:31:25.0343 0x170c System windows directory: C:\Windows
10:31:25.0343 0x170c Running under WOW64
10:31:25.0343 0x170c Processor architecture: Intel x64
10:31:25.0343 0x170c Number of processors: 4
10:31:25.0343 0x170c Page size: 0x1000
10:31:25.0343 0x170c Boot type: Normal boot
10:31:25.0343 0x170c ============================================================
10:31:26.0778 0x170c KLMD registered as C:\Windows\system32\drivers\61009481.sys
10:31:27.0371 0x170c System UUID: {2A125ABF-611F-1D06-B0BD-4224E1BC5A45}
10:31:27.0808 0x170c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:31:27.0823 0x170c Drive \Device\Harddisk1\DR1 - Size: 0x1D4C000000 ( 117.19 Gb ), SectorSize: 0x200, Cylinders: 0x3BC1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:31:27.0823 0x170c ===========================
10:31:27.0823 0x170c \Device\Harddisk0\DR0:
10:31:27.0823 0x170c MBR partitions:
10:31:27.0823 0x170c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
10:31:27.0823 0x170c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3853F000
10:31:27.0823 0x170c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3882D800, BlocksNum 0x1B58000
10:31:27.0823 0x170c \Device\Harddisk1\DR1:
10:31:27.0823 0x170c MBR partitions:
10:31:27.0823 0x170c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC,
StartLBA 0x80, BlocksNum 0xEA5FF80
10:31:27.0823 0x170c ============================================================
10:31:27.0839 0x170c C: <-> \Device\Harddisk0\DR0\Partition2
10:31:27.0886 0x170c Q: <-> \Device\Harddisk0\DR0\Partition3
10:31:27.0886 0x170c ================================
10:31:27.0886 0x170c Initialize success
10:31:27.0886 0x170c =================================
10:31:34.0484 0x210c =============================
10:31:34.0484 0x210c Scan started
10:31:34.0484 0x210c Mode: Manual; SigCheck; TDLFS;
10:31:34.0484 0x210c ============================================================
10:31:34.0484 0x210c KSN ping started
10:31:37.0121 0x210c KSN ping finished: true
10:31:37.0948 0x210c ================ Scan system memory ========================
10:31:37.0948 0x210c System memory - ok
10:31:37.0948 0x210c ================ Scan services =============================
BthPan - ok 10:31:41.0816 0x210c [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 10:31:41.0832 0x210c BTHPORT - ok 10:31:41.0863 0x210c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:31:41.0894 0x210c bthserv - ok 10:31:41.0894 0x210c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 10:31:41.0910 0x210c BTHUSB - ok 10:31:41.0957 0x210c [ 3AFF6DC496B8A8D12C867E3FC7C86FAC, 72541F7F9AF6278B8F19F2DBCCADC4FF47171866E04FB5A1010D9AFDF69F7D11 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 10:31:41.0972 0x210c btwampfl - ok 10:31:41.0988 0x210c [ 336BBA0909B3636AB7D06A71D7B1C0DC, 3BC7593272101C340681A9909F9215580F8942DA54E9B251E3AC35B8D39D9B89 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 10:31:41.0988 0x210c btwaudio - ok 10:31:42.0004 0x210c [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 10:31:42.0019 0x210c btwavdt - ok 10:31:42.0082 0x210c [ 26A80D7ACA49E03A403806418B5FED46, 52539FC9F5796002FD66393C759393717E3E242392B2E9039AD12B6D973B78BD ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 10:31:42.0097 0x210c btwdins - ok 10:31:42.0113 0x210c [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 10:31:42.0113 0x210c btwl2cap - ok 10:31:42.0128 0x210c [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 10:31:42.0128 0x210c btwrchid - ok 10:31:42.0144 0x210c [ B8BD2BB284668C84865658C77574381A, 
6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:31:42.0160 0x210c cdfs - ok 10:31:42.0206 0x210c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:31:42.0206 0x210c cdrom - ok 10:31:42.0238 0x210c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:31:42.0253 0x210c CertPropSvc - ok 10:31:42.0269 0x210c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 10:31:42.0284 0x210c circlass - ok 10:31:42.0316 0x210c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 10:31:42.0331 0x210c CLFS - ok 10:31:42.0394 0x210c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:31:42.0409 0x210c clr_optimization_v2.0.50727_32 - ok 10:31:42.0440 0x210c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:31:42.0456 0x210c clr_optimization_v2.0.50727_64 - ok 10:31:42.0503 0x210c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:31:42.0503 0x210c clr_optimization_v4.0.30319_32 - ok 10:31:42.0550 0x210c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:31:42.0565 0x210c 
clr_optimization_v4.0.30319_64 - ok 10:31:42.0596 0x210c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:31:42.0596 0x210c CmBatt - ok 10:31:42.0612 0x210c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:31:42.0628 0x210c cmdide - ok 10:31:42.0674 0x210c [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 10:31:42.0706 0x210c CNG - ok 10:31:42.0737 0x210c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 10:31:42.0737 0x210c Compbatt - ok 10:31:42.0752 0x210c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 10:31:42.0768 0x210c CompositeBus - ok 10:31:42.0768 0x210c COMSysApp - ok 10:31:42.0830 0x210c [ BA4EF9EB2FFA3F2DF9D207B8A9A027F5, A3CF7E47212ADF4C1170FDF91ACAF7CFB34EDC7AF52C70F69F60703139DDAA68 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 10:31:42.0846 0x210c cphs - ok 10:31:42.0846 0x210c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:31:42.0862 0x210c crcdisk - ok 10:31:42.0908 0x210c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:31:42.0940 0x210c CryptSvc - ok 10:31:42.0955 0x210c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 10:31:42.0971 0x210c CSC - ok 10:31:43.0002 0x210c [ 3AB183AB4D2C79DCF459CD2C1266B043, 
72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 10:31:43.0018 0x210c CscService - ok 10:31:43.0049 0x210c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:31:43.0080 0x210c DcomLaunch - ok 10:31:43.0096 0x210c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:31:43.0127 0x210c defragsvc - ok 10:31:43.0158 0x210c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:31:43.0174 0x210c DfsC - ok 10:31:43.0205 0x210c [ 113212D25D0C9BB8901A9833774DA97F, 316AF9E7A8C4016623F7E908E14E058238F395934026A209DAA467415A77CC6A ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 10:31:43.0205 0x210c dg_ssudbus - ok 10:31:43.0236 0x210c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:31:43.0252 0x210c Dhcp - ok 10:31:43.0267 0x210c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:31:43.0298 0x210c discache - ok 10:31:43.0345 0x210c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 10:31:43.0361 0x210c Disk - ok 10:31:43.0376 0x210c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 10:31:43.0392 0x210c dmvsc - ok 10:31:43.0423 0x210c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:31:43.0423 0x210c Dnscache - ok 10:31:43.0439 0x210c [ 
B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:31:43.0470 0x210c dot3svc - ok 10:31:43.0517 0x210c [ 9597BCB69286FF017DB1A0FB8144408D, B477E4E7C3B49A77075B3165079E29FF1908C81E2BCCB930B47DCCF7DA5C417C ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 10:31:43.0517 0x210c DozeSvc - ok 10:31:43.0532 0x210c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:31:43.0564 0x210c DPS - ok 10:31:43.0579 0x210c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:31:43.0595 0x210c drmkaud - ok 10:31:43.0657 0x210c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:31:43.0688 0x210c DXGKrnl - ok 10:31:43.0704 0x210c [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys 10:31:43.0720 0x210c DzHDD64 - ok 10:31:43.0751 0x210c [ 03F4C5C12FC1C69F838DA723475EF650, 7D80623ED1060F904AF85B87620DF8DC153504FABC0E447C1D3A07D0372D7B9F ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 10:31:43.0751 0x210c e1cexpress - ok 10:31:43.0782 0x210c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:31:43.0798 0x210c EapHost - ok 10:31:43.0876 0x210c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:31:43.0938 0x210c ebdrv - ok 10:31:43.0985 0x210c [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys 10:31:44.0000 
0x210c ecnssndis - ok 10:31:44.0016 0x210c [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys 10:31:44.0016 0x210c ecnssndisfltr - ok 10:31:44.0063 0x210c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 10:31:44.0063 0x210c EFS - ok 10:31:44.0125 0x210c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:31:44.0141 0x210c ehRecvr - ok 10:31:44.0156 0x210c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:31:44.0172 0x210c ehSched - ok 10:31:44.0219 0x210c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:31:44.0250 0x210c elxstor - ok 10:31:44.0250 0x210c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:31:44.0250 0x210c ErrDev - ok 10:31:44.0297 0x210c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:31:44.0312 0x210c EventSystem - ok 10:31:44.0344 0x23ac Object required for P2P: [ 6C4B9A2FF6924405E9ABFB558049D4DD ] Avira.ServiceHost 10:31:44.0390 0x210c [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 10:31:44.0406 0x210c EvtEng - ok 10:31:44.0437 0x210c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:31:44.0453 0x210c exfat - ok 10:31:44.0484 0x210c [ EB3A7D5663ACAC417DF986D4AEE12170, 
E2E7A0DEF42E0E9D8E2A70FAEC84D4BB67D8C6F9F6B4C0DE884FA4A12C031F91 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys 10:31:44.0484 0x210c Fastboot - ok 10:31:44.0531 0x210c [ 63511240AF70D10343A4AE05F8E2CA12, E4A873CE9F685E42347390F7D7D50CD8D3C9A5FCFFEA26093438F679D1CE275D ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe 10:31:44.0562 0x210c FastbootService - ok 10:31:44.0578 0x210c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:31:44.0609 0x210c fastfat - ok 10:31:44.0671 0x210c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:31:44.0687 0x210c Fax - ok 10:31:44.0718 0x210c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:31:44.0718 0x210c fdc - ok 10:31:44.0749 0x210c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:31:44.0765 0x210c fdPHost - ok 10:31:44.0780 0x210c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:31:44.0796 0x210c FDResPub - ok 10:31:44.0812 0x210c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:31:44.0812 0x210c FileInfo - ok 10:31:44.0827 0x210c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:31:44.0858 0x210c Filetrace - ok 10:31:44.0858 0x210c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 
10:31:44.0858 0x210c flpydisk - ok 10:31:44.0905 0x210c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:31:44.0905 0x210c FltMgr - ok 10:31:44.0999 0x210c [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 10:31:45.0030 0x210c FontCache - ok 10:31:45.0108 0x210c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:31:45.0124 0x210c FontCache3.0.0.0 - ok 10:31:45.0155 0x210c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:31:45.0170 0x210c FsDepends - ok 10:31:45.0217 0x210c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:31:45.0233 0x210c Fs_Rec - ok 10:31:45.0280 0x210c [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:31:45.0311 0x210c fvevol - ok 10:31:45.0342 0x210c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:31:45.0358 0x210c gagp30kx - ok 10:31:45.0404 0x210c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:31:45.0420 0x210c GEARAspiWDM - ok 10:31:45.0467 0x210c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:31:45.0514 0x210c gpsvc - ok 10:31:45.0592 0x210c [ DD7423ABBE2913E70D50E9318AD57EE4, 
74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:31:45.0607 0x210c gupdate - ok 10:31:45.0623 0x210c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:31:45.0623 0x210c gupdatem - ok 10:31:45.0685 0x210c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 10:31:45.0716 0x210c gusvc - ok 10:31:45.0732 0x210c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:31:45.0748 0x210c hcw85cir - ok 10:31:45.0763 0x210c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:31:45.0779 0x210c HdAudAddService - ok 10:31:45.0810 0x210c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:31:45.0826 0x210c HDAudBus - ok 10:31:45.0826 0x210c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:31:45.0826 0x210c HidBatt - ok 10:31:45.0841 0x210c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:31:45.0841 0x210c HidBth - ok 10:31:45.0857 0x210c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:31:45.0857 0x210c HidIr - ok 10:31:45.0872 0x210c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] 
hidserv C:\Windows\system32\hidserv.dll 10:31:45.0888 0x210c hidserv - ok 10:31:45.0950 0x210c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 10:31:45.0966 0x210c HidUsb - ok 10:31:45.0997 0x210c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:31:46.0028 0x210c hkmsvc - ok 10:31:46.0044 0x210c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:31:46.0060 0x210c HomeGroupListener - ok 10:31:46.0075 0x210c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:31:46.0075 0x210c HomeGroupProvider - ok 10:31:46.0122 0x210c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:31:46.0138 0x210c HpSAMD - ok 10:31:46.0184 0x210c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:31:46.0216 0x210c HTTP - ok 10:31:46.0216 0x210c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:31:46.0216 0x210c hwpolicy - ok 10:31:46.0294 0x210c [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe 10:31:46.0325 0x210c HyperW7Svc - ok 10:31:46.0340 0x210c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:31:46.0356 0x210c i8042prt - ok 10:31:46.0372 0x210c [ 
CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys 10:31:46.0403 0x210c iaStor - ok 10:31:46.0434 0x210c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:31:46.0450 0x210c iaStorV - ok 10:31:46.0481 0x210c [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 10:31:46.0481 0x210c IBMPMDRV - ok 10:31:46.0496 0x210c [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 10:31:46.0496 0x210c IBMPMSVC - ok 10:31:46.0559 0x210c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:31:46.0590 0x210c idsvc - ok 10:31:46.0606 0x210c IEEtwCollectorService - ok 10:31:46.0949 0x210c [ 5318D51AC69A9C0FEF67D36CBE8BEA68, DA4A575B3F071876062C1A1B0103F9B57F94D4BD52819A36D5DEAF90D614C595 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 10:31:47.0027 0x23ac Object send P2P result: true 10:31:47.0292 0x210c igfx - ok 10:31:47.0323 0x210c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:31:47.0339 0x210c iirsp - ok 10:31:47.0386 0x210c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:31:47.0401 0x210c IKEEXT - ok 10:31:47.0448 0x210c [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 10:31:47.0464 0x210c intaud_WaveExtensible - ok 10:31:47.0588 0x210c [ 
354718FC1DD8498B772E11779173DEAF, F8AC3E6066D295735A79587D92DDB4A6D3A4C2BDBB2909B917DF49F83E4401E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 10:31:47.0666 0x210c IntcAzAudAddService - ok 10:31:47.0729 0x210c [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 10:31:47.0760 0x210c Intel(R) Capability Licensing Service Interface - ok 10:31:47.0776 0x210c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:31:47.0791 0x210c intelide - ok 10:31:47.0807 0x210c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:31:47.0822 0x210c intelppm - ok 10:31:47.0854 0x210c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:31:47.0885 0x210c IPBusEnum - ok 10:31:47.0885 0x210c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:31:47.0916 0x210c IpFilterDriver - ok 10:31:47.0932 0x210c [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:31:47.0963 0x210c iphlpsvc - ok 10:31:47.0963 0x210c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:31:47.0978 0x210c IPMIDRV - ok 10:31:47.0978 0x210c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:31:47.0994 0x210c IPNAT - ok 10:31:48.0056 0x210c [ 
842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:31:48.0072 0x210c iPod Service - ok 10:31:48.0103 0x210c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:31:48.0119 0x210c IRENUM - ok 10:31:48.0119 0x210c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:31:48.0119 0x210c isapnp - ok 10:31:48.0134 0x210c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:31:48.0150 0x210c iScsiPrt - ok 10:31:48.0166 0x210c [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 10:31:48.0181 0x210c iusb3hcs - ok 10:31:48.0197 0x210c [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 10:31:48.0212 0x210c iusb3hub - ok 10:31:48.0228 0x210c [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 10:31:48.0244 0x210c iusb3xhc - ok 10:31:48.0290 0x210c [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 10:31:48.0290 0x210c iwdbus - ok 10:31:48.0384 0x210c [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 10:31:48.0400 0x210c jhi_service - ok 10:31:48.0431 0x210c [ BC02336F1CBA7DCC7D1213BB588A68A5, 
3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 10:31:58.0430 0x210c swenum - ok 10:31:58.0462 0x210c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:31:58.0477 0x210c swprv - ok 10:31:58.0524 0x210c [ 883D2880144FD3ED9F1C04B5B5B9B562, 17C582DE9E614F3AFF76ED808358E1006A5AAFEDAE155F6FB527A1AEE3AFF3EF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 10:31:58.0540 0x210c SynTP - ok 10:31:58.0602 0x210c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 10:31:58.0649 0x210c SysMain - ok 10:31:58.0664 0x210c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:31:58.0664 0x210c TabletInputService - ok 10:31:58.0696 0x210c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:31:58.0711 0x210c TapiSrv - ok 10:31:58.0758 0x210c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 10:31:58.0774 0x210c TBS - ok 10:31:58.0898 0x210c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:31:58.0930 0x210c Tcpip - ok 10:31:58.0976 0x210c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:31:59.0008 0x210c TCPIP6 - ok 10:31:59.0023 0x210c [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:31:59.0054 0x210c tcpipreg - ok 10:31:59.0054 0x210c [ 
3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:31:59.0070 0x210c TDPIPE - ok 10:31:59.0086 0x210c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:31:59.0101 0x210c TDTCP - ok 10:31:59.0132 0x210c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:31:59.0132 0x210c tdx - ok 10:31:59.0148 0x210c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 10:31:59.0148 0x210c TermDD - ok 10:31:59.0226 0x210c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 10:31:59.0257 0x210c TermService - ok 10:31:59.0273 0x210c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:31:59.0288 0x210c Themes - ok 10:31:59.0304 0x210c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:31:59.0335 0x210c THREADORDER - ok 10:31:59.0351 0x210c [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 10:31:59.0351 0x210c TPDIGIMN - ok 10:31:59.0366 0x210c [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe 10:31:59.0382 0x210c TPHDEXLGSVC - ok 10:31:59.0413 0x210c [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 10:31:59.0413 
0x210c TPHKLOAD - ok 10:31:59.0429 0x210c [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 10:31:59.0444 0x210c TPHKSVC - ok 10:31:59.0476 0x210c [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys 10:31:59.0491 0x210c TPM - ok 10:31:59.0491 0x210c [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys 10:31:59.0507 0x210c TPPWRIF - ok 10:31:59.0522 0x210c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:31:59.0554 0x210c TrkWks - ok 10:31:59.0600 0x210c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:31:59.0616 0x210c TrustedInstaller - ok 10:31:59.0663 0x210c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:31:59.0663 0x210c tssecsrv - ok 10:31:59.0678 0x210c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:31:59.0694 0x210c TsUsbFlt - ok 10:31:59.0694 0x210c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 10:31:59.0694 0x210c TsUsbGD - ok 10:31:59.0725 0x210c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:31:59.0772 0x210c tunnel - ok 10:31:59.0803 0x210c [ D4915DB03B19F9FD50EC084CC0ED15FC, 
1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys 10:31:59.0803 0x210c TVTI2C - ok 10:31:59.0819 0x210c [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys 10:31:59.0819 0x210c tvtvcamd - ok 10:31:59.0834 0x210c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:31:59.0834 0x210c uagp35 - ok 10:31:59.0850 0x210c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:31:59.0881 0x210c udfs - ok 10:31:59.0897 0x210c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:31:59.0912 0x210c UI0Detect - ok 10:31:59.0944 0x210c [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 10:31:59.0959 0x210c UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 ) 10:32:02.0533 0x210c Detect skipped due to KSN trusted 10:32:02.0533 0x210c UleadBurningHelper - ok 10:32:02.0580 0x210c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:32:02.0611 0x210c uliagpkx - ok 10:32:02.0627 0x210c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:32:02.0642 0x210c umbus - ok 10:32:02.0658 0x210c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 10:32:02.0658 0x210c UmPass - ok 10:32:02.0689 0x210c [ 
A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 10:32:02.0705 0x210c UmRdpService - ok 10:32:02.0798 0x210c [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 10:32:02.0830 0x210c UNS - ok 10:32:02.0861 0x210c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:32:02.0892 0x210c upnphost - ok 10:32:02.0923 0x210c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 10:32:02.0923 0x210c USBAAPL64 - ok 10:32:02.0970 0x210c [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:32:02.0986 0x210c usbccgp - ok 10:32:03.0032 0x210c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:32:03.0064 0x210c usbcir - ok 10:32:03.0079 0x210c [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys 10:32:03.0079 0x210c usbehci - ok 10:32:03.0110 0x210c [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:32:03.0126 0x210c usbhub - ok 10:32:03.0142 0x210c [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:32:03.0142 0x210c usbohci - ok 10:32:03.0173 0x210c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint 
C:\Windows\system32\drivers\usbprint.sys 10:32:03.0188 0x210c usbprint - ok 10:32:03.0204 0x210c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:32:03.0204 0x210c USBSTOR - ok 10:32:03.0220 0x210c [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:32:03.0220 0x210c usbuhci - ok 10:32:03.0235 0x210c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 10:32:03.0251 0x210c usbvideo - ok 10:32:03.0266 0x210c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:32:03.0282 0x210c UxSms - ok 10:32:03.0298 0x210c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 10:32:03.0298 0x210c VaultSvc - ok 10:32:03.0313 0x210c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:32:03.0313 0x210c vdrvroot - ok 10:32:03.0344 0x210c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:32:03.0360 0x210c vds - ok 10:32:03.0376 0x210c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:32:03.0376 0x210c vga - ok 10:32:03.0391 0x210c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:32:03.0407 0x210c VgaSave - ok 10:32:03.0422 0x210c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, 
D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:32:03.0438 0x210c vhdmp - ok 10:32:03.0438 0x210c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:32:03.0454 0x210c viaide - ok 10:32:03.0500 0x210c [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe 10:32:03.0516 0x210c VIPAppService - ok 10:32:03.0532 0x210c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 10:32:03.0563 0x210c vmbus - ok 10:32:03.0563 0x210c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 10:32:03.0578 0x210c VMBusHID - ok 10:32:03.0594 0x210c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:32:03.0610 0x210c volmgr - ok 10:32:03.0625 0x210c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:32:03.0641 0x210c volmgrx - ok 10:32:03.0672 0x210c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:32:03.0688 0x210c volsnap - ok 10:32:03.0703 0x210c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:32:03.0719 0x210c vsmraid - ok 10:32:03.0797 0x210c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:32:03.0859 
0x210c VSS - ok 10:32:03.0859 0x210c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:32:03.0875 0x210c vwifibus - ok 10:32:03.0890 0x210c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:32:03.0906 0x210c vwififlt - ok 10:32:03.0906 0x210c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:32:03.0922 0x210c vwifimp - ok 10:32:03.0937 0x210c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:32:03.0968 0x210c W32Time - ok 10:32:04.0000 0x210c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:32:04.0000 0x210c WacomPen - ok 10:32:04.0031 0x210c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:32:04.0046 0x210c WANARP - ok 10:32:04.0062 0x210c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:32:04.0078 0x210c Wanarpv6 - ok 10:32:04.0124 0x210c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:32:04.0156 0x210c wbengine - ok 10:32:04.0171 0x210c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:32:04.0187 0x210c WbioSrvc - ok 10:32:04.0202 0x210c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 10:32:04.0218 0x210c wcncsvc - ok 10:32:04.0234 0x210c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:32:04.0249 0x210c WcsPlugInService - ok 10:32:04.0265 0x210c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:32:04.0265 0x210c Wd - ok 10:32:04.0327 0x210c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:32:04.0343 0x210c Wdf01000 - ok 10:32:04.0374 0x210c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:32:04.0374 0x210c WdiServiceHost - ok 10:32:04.0390 0x210c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:32:04.0390 0x210c WdiSystemHost - ok 10:32:04.0436 0x210c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 10:32:04.0452 0x210c WebClient - ok 10:32:04.0530 0x210c [ 507D80C0ACCC3B4FC123BD99D0AF3F97, 09AF6BBAFEA01B0A108C2EFE019F3D8ACA89C2C9D2DEB5F7E83F4E9971BAD338 ] WebUpdate4 C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe 10:32:04.0561 0x210c WebUpdate4 - ok 10:32:04.0577 0x210c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:32:04.0639 0x210c Wecsvc - ok 10:32:04.0655 0x210c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:32:04.0686 0x210c wercplsupport - ok 10:32:04.0686 0x210c [ 
6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:32:04.0717 0x210c WerSvc - ok 10:32:04.0748 0x210c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:32:04.0764 0x210c WfpLwf - ok 10:32:04.0780 0x210c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:32:04.0780 0x210c WIMMount - ok 10:32:04.0795 0x210c WinDefend - ok 10:32:04.0795 0x210c WinHttpAutoProxySvc - ok 10:32:04.0858 0x210c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:32:04.0873 0x210c Winmgmt - ok 10:32:04.0951 0x210c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 10:32:05.0014 0x210c WinRM - ok 10:32:05.0045 0x210c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 10:32:05.0060 0x210c WinUsb - ok 10:32:05.0092 0x210c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:32:05.0107 0x210c Wlansvc - ok 10:32:05.0154 0x210c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 10:32:05.0154 0x210c wlcrasvc - ok 10:32:05.0248 0x210c [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:32:05.0279 0x210c wlidsvc - ok 10:32:05.0310 0x210c WMCoreService - ok 10:32:05.0341 0x210c [ 
F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 10:32:05.0357 0x210c WmiAcpi - ok 10:32:05.0388 0x210c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:32:05.0404 0x210c wmiApSrv - ok 10:32:05.0419 0x210c WMPNetworkSvc - ok 10:32:05.0450 0x210c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:32:05.0466 0x210c WPCSvc - ok 10:32:05.0482 0x210c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:32:05.0497 0x210c WPDBusEnum - ok 10:32:05.0513 0x210c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:32:05.0528 0x210c ws2ifsl - ok 10:32:05.0544 0x210c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:32:05.0560 0x210c wscsvc - ok 10:32:05.0560 0x210c WSearch - ok 10:32:05.0653 0x210c [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll 10:32:05.0700 0x210c wuauserv - ok 10:32:05.0716 0x210c [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:32:05.0747 0x210c WudfPf - ok 10:32:05.0762 0x210c [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:32:05.0778 0x210c WUDFRd - ok 10:32:05.0809 0x210c [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] 
wudfsvc C:\Windows\System32\WUDFSvc.dll 10:32:05.0825 0x210c wudfsvc - ok 10:32:05.0840 0x210c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:32:05.0856 0x210c WwanSvc - ok 10:32:05.0872 0x210c [ 747DA6EE261B3760201D7738E0FD59B8, B32F8CB8F112FA1C067AEE1615882C6FAFAB671347A44E37C4B476DF3DC7B430 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys 10:32:05.0887 0x210c WwanUsbServ - ok 10:32:06.0012 0x210c [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 10:32:06.0059 0x210c ZeroConfigService - ok 10:32:06.0074 0x210c ================ Scan global =============================== 10:32:06.0106 0x210c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 10:32:06.0152 0x210c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 10:32:06.0168 0x210c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 10:32:06.0199 0x210c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:32:06.0246 0x210c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 10:32:06.0262 0x210c [ Global ] - ok 10:32:06.0262 0x210c ================ Scan MBR ================================== 10:32:06.0277 0x210c [ FE2CEF994787ACC87A640B5C5171A8DF ] \Device\Harddisk0\DR0 10:32:06.0558 0x210c \Device\Harddisk0\DR0 - ok 10:32:06.0558 0x210c [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1 10:32:20.0785 0x210c \Device\Harddisk1\DR1 - ok 10:32:20.0785 0x210c 
================ Scan VBR ================================== 10:32:20.0785 0x210c [ 40C37684D94646DA6497CB2C56942A8E ] \Device\Harddisk0\DR0\Partition1 10:32:20.0785 0x210c \Device\Harddisk0\DR0\Partition1 - ok 10:32:20.0832 0x210c [ 2633F1D97F666FF659085477FFA421C1 ] \Device\Harddisk0\DR0\Partition2 10:32:20.0832 0x210c \Device\Harddisk0\DR0\Partition2 - ok 10:32:20.0832 0x210c [ F637DE8C9612A3A7CE99ACD122B42970 ] \Device\Harddisk0\DR0\Partition3 10:32:20.0832 0x210c \Device\Harddisk0\DR0\Partition3 - ok 10:32:20.0832 0x210c [ D235282A75F547FE9B4511AD471714D6 ] \Device\Harddisk1\DR1\Partition1 10:32:20.0848 0x210c \Device\Harddisk1\DR1\Partition1 - ok 10:32:20.0848 0x210c ================ Scan generic autorun ====================== 10:32:21.0128 0x210c [ 768E8D93FC15F11F37134CCA62973E4B, 70FF22A12FE5BB3BFED9F222667F53ADB23E82329549B657F4AB450616F44988 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 10:32:21.0300 0x210c RTHDVCPL - ok 10:32:21.0347 0x210c [ 813EE7316A9B44303D97DDE00626A527, 745F361D9EE969FC836D3D8B909BC9216471351AE828D2B3B6406245854FE01A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 10:32:21.0362 0x210c RtHDVBg_Dolby - ok 10:32:21.0394 0x210c [ 448FE6C931EE040404A20EC721C184B0, B83322CDD84A58F87CC3F5C9FC9C48C5E27B4B6A915C0C82ED53350AD866BED1 ] C:\Windows\system32\hkcmd.exe 10:32:21.0394 0x210c HotKeysCmds - ok 10:32:21.0409 0x210c [ 7A37463E3ED901A784E5934CD724998D, 1AAC8059B0C7A65A5B421F92F1D055A52BDD36877365FA003C1BA1712C0519A5 ] C:\Windows\system32\igfxpers.exe 10:32:21.0425 0x210c Persistence - ok 10:32:21.0425 0x210c SynTPEnh - ok 10:32:21.0440 0x210c [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe 10:32:21.0440 0x210c TpShocks - ok 10:32:21.0487 0x210c [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe 10:32:21.0518 0x210c LENOVO.TPKNRRES - 
10:32:31.0799 0x210c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
10:32:31.0814 0x210c Win FW state via NFP2: enabled ( trusted )
10:32:34.0388 0x210c ===============================
10:32:34.0388 0x210c Scan finished
10:32:34.0388 0x210c ===========================
10:32:34.0388 0x2194 Detected object count: 0
10:32:34.0388 0x2194 Actual detected object count: 0
10:32:51.0876 0x12a8 Deinitialize success |
23.11.2015, 14:33 | #8 |
/// the machine /// TB Trainer | Telekom abuse report: Bedep Is there another computer?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
23.11.2015, 20:01 | #9 |
| Telekom abuse report: Bedep Hello, the third one is my company laptop, on which I have no admin rights at all. I don't know whether it is even a candidate, because everything on it really only goes through the VPN tunnel to the company... Thanks for your support. Donation to follow. Have a nice week and regards, Armin |
24.11.2015, 22:15 | #10 |
/// the machine /// TB Trainer | Telekom abuse report: Bedep It could still be that one. I don't see anything on the other two.
|