Log analysis and evaluation: Windows7: Trojan, registry infected, HKU, HKCU
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
29.11.2015, 20:52 | #1 |
| Windows7: Trojan, registry infected, HKU, HKCU
AVIRA found a virus/Trojan. I sent the affected files to quarantine. In the days that followed, two more virus alerts came up. I downloaded Malware; the scan returned no hits. System check with AdwCleaner: 2 finds in the registry. Can someone help me remove the virus/Trojan completely? Below are the log from AdwCleaner and the latest log file from Avira.
Many heartfelt thanks, Marie
AdwCleaner logfile: Code:
# AdwCleaner v5.022 - Bericht erstellt am 29/11/2015 um 20:19:08
# Aktualisiert am 22/11/2015 von Xplode
# Datenbank : 2015-11-29.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Marie-Luise - MARIE-NOTEBOOK
# Gestartet von : C:\Users\Marie-Luise\Desktop\adwcleaner_5.022.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKU\S-1-5-21-1401465016-1591747146-3379758321-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [944 Bytes] ##########

Latest log file from Antivira: Code:
Free Antivirus
Erstellungsdatum der Reportdatei: Samstag, 28. November 2015 21:06

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : MARIE-NOTEBOOK

Versionsinformationen:
BUILD.DAT : 15.0.13.210 92152 Bytes 05.10.2015 15:51:00
AVSCAN.EXE : 15.0.13.202 1183208 Bytes 11.10.2015 18:10:03
AVSCANRC.DLL : 15.0.13.158 67688 Bytes 11.10.2015 18:10:03
LUKE.DLL : 15.0.13.190 69248 Bytes 11.10.2015 18:10:13
AVSCPLR.DLL : 15.0.13.202 106352 Bytes 11.10.2015 18:10:03
REPAIR.DLL : 15.0.13.193 517328 Bytes 11.10.2015 18:10:02
REPAIR.RDF : 1.0.12.48 1359646 Bytes 27.11.2015 18:03:05
AVREG.DLL : 15.0.13.193 339632 Bytes 11.10.2015 18:10:02
AVLODE.DLL : 15.0.13.193 633688 Bytes 11.10.2015 18:10:01
AVLODE.RDF : 14.0.5.6 84211 Bytes 31.08.2015 19:47:03
Engineversion : 8.3.34.82
AEBB.DLL : 8.1.3.0 59296 Bytes 19.11.2015 17:55:10
AECORE.DLL : 8.3.9.0 249920 Bytes 13.11.2015 07:36:43
AEDROID.DLL : 8.4.3.348 1800104 Bytes 06.11.2015 18:09:10
AEEMU.DLL : 8.1.3.6 404328 Bytes 19.11.2015 17:55:10
AEEXP.DLL : 8.4.2.134 277360 Bytes 13.11.2015 07:36:46
AEGEN.DLL : 8.1.8.8 487480 Bytes 27.11.2015 18:03:01
AEHELP.DLL : 8.3.2.6 284584 Bytes 19.11.2015 17:55:10
AEHEUR.DLL : 8.1.4.2064 9923440 Bytes 27.11.2015 18:03:04
AEMOBILE.DLL : 8.1.8.10 301936 Bytes 27.11.2015 18:03:04
AEOFFICE.DLL : 8.3.1.56 408432 Bytes 25.10.2015 20:08:09
AEPACK.DLL : 8.4.1.18 802880 Bytes 27.10.2015 14:35:40
AERDL.DLL : 8.2.1.38 813928 Bytes 06.11.2015 18:09:08
AESBX.DLL : 8.2.21.2 1629032 Bytes 06.11.2015 18:09:09
AESCN.DLL : 8.3.4.0 141216 Bytes 13.11.2015 07:36:46
AESCRIPT.DLL : 8.3.0.4 542632 Bytes 19.11.2015 17:55:12
AEVDF.DLL : 8.3.2.4 141216 Bytes 19.11.2015 17:55:12
AVWINLL.DLL : 15.0.13.158 29600 Bytes 11.10.2015 18:09:57
AVPREF.DLL : 15.0.13.158 55864 Bytes 11.10.2015 18:10:02
AVREP.DLL : 15.0.13.158 225320 Bytes 11.10.2015 18:10:02
AVARKT.DLL : 15.0.13.158 232000 Bytes 11.10.2015 18:09:59
AVEVTLOG.DLL : 15.0.13.190 202112 Bytes 11.10.2015 18:10:00
SQLITE3.DLL : 15.0.13.158 461672 Bytes 11.10.2015 18:10:15
AVSMTP.DLL : 15.0.13.158 82120 Bytes 11.10.2015 18:10:03
NETNT.DLL : 15.0.13.158 18792 Bytes 11.10.2015 18:10:14
CommonImageRc.dll: 15.0.13.190 4308216 Bytes 11.10.2015 18:09:58
CommonTextRc.dll: 15.0.13.158 70784 Bytes 11.10.2015 18:09:58

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\Antivirus\TEMP\AVGUARD_565a04c0\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig

Beginn des Suchlaufs: Samstag, 28. November 2015 21:06

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'ibmpmsvc.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '150' Modul(e) wurden durchsucht
Durchsuche Prozess 'DisplayLinkManager.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'DisplayLinkUserAgent.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'BBSvc.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeClickToRun.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'CxAudMsg64.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCService.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'lvvsst.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SAsrv.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'valWBFPolicyService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'ZeroConfigService.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '129' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'devmonsrv.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'mediasrv.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'obexsrv.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'ValBioService.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'virtscrl.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'SwipeMonitor.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '221' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'CAudioFilterAgent64.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'fmapp.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'TpShocks.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'BleServicesCtrl.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'ScanToPCActivationApp.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'igpxtskmgn64win7.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'iusb3mon.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDll32.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'VM331STI.EXE' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'DCSHelper.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPLpr.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPNetworkCommunicatorCom.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTPlayerCtrl.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SCHTASK.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSCNotify.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'PWMDBSVC.EXE' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPNetworkCommunicator.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Marie-Luise\AppData\Roaming\doublers-6\doublers-3.exe'
C:\Users\Marie-Luise\AppData\Roaming\doublers-6\doublers-3.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.217569
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53489cce.qua' verschoben!

Ende des Suchlaufs: Samstag, 28. November 2015 21:07
Benötigte Zeit: 00:20 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
995 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
994 Dateien ohne Befall
0 Archive wurden durchsucht
0 Warnungen
1 Hinweise

Edited by Marie Schauk (29.11.2015 at 21:00) |
29.11.2015, 21:04 | #2 |
/// TB-Ausbilder | Windows7: Trojan, registry infected, HKU, HKCU
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! For the initial analysis, please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
29.11.2015, 21:43 | #3 |
| Windows7: Trojan, registry infected, HKU, HKCU
Hello,
thank you for your quick help. Attached is the FRST log file, followed by the Addition. I hope this helps you advise me further.
Many thanks, Marie
FRST logfile Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015
durchgeführt von Marie-Luise (Administrator) auf MARIE-NOTEBOOK (29-11-2015 21:18:35)
Gestartet von C:\Users\Marie-Luise\Desktop
Geladene Profile: Marie-Luise (Verfügbare Profile: Marie-Luise)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Screenleap, Inc.) C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe
(Docking Station) C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [900704 2013-03-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2013-11-29] (Lenovo.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-16] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Screenleap] => C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe [2856992 2015-11-29] (Screenleap, Inc.) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [Uninstall C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64" HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {8225d693-4841-11e5-9626-f8165465672d} - E:\AutoRun.exe HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {de3f79ed-2748-11e4-b820-806e6f6e6963} - Q:\LenovoQDrive.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\igpxtskmgn.lnk [2014-08-19] ShortcutTarget: igpxtskmgn.lnk -> C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe (Docking Station) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-10-02] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pendulum-3.lnk [2015-11-25] ShortcutTarget: pendulum-3.lnk -> C:\Users\Marie-Luise\AppData\Roaming\pendulum-28\pendulum-7.exe (Intel(R) Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2015-11-29] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3636DED-3BAF-45B6-A1E8-E155B3A14D72}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FC018661-EF6C-4533-B835-3D2AC0E19221}: [DhcpNameServer] 150.206.1.3

Internet Explorer:
==================
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-1401465016-1591747146-3379758321-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012
FF Homepage: hxxp://www.jugendlosungen.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: GMX MailCheck - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\extensions\mailcheck@gmx.net [2015-11-18]
FF Extension: Adblock Plus - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-29]
FF HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [Datei ist nicht signiert]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-11] (DisplayLink Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] ()
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22776 2015-03-03] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [113096 2013-08-20] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-29 21:19 - 2015-11-29 21:19 - 02740687 _____ C:\Users\Marie-Luise\Desktop\tdsskiller.exe.part
2015-11-29 21:19 - 2015-11-29 21:19 - 00000000 _____ C:\Users\Marie-Luise\Desktop\tdsskiller.exe
2015-11-29 21:18 - 2015-11-29 21:19 - 00021198 _____ C:\Users\Marie-Luise\Desktop\FRST.txt
2015-11-29 21:18 - 2015-11-29 21:18 - 00000000 ____D C:\FRST
2015-11-29 21:17 - 2015-11-29 21:17 - 02350080 _____ (Farbar) C:\Users\Marie-Luise\Desktop\FRST64.exe
2015-11-29 20:47 - 2015-11-29 20:47 - 00001025 _____ C:\Users\Marie-Luise\Desktop\AdwCleaner[C1].txt
2015-11-29 20:13 - 2015-11-29 20:19 - 00000000 ____D C:\AdwCleaner
2015-11-29 20:08 - 2015-11-29 20:08 - 01733632 _____ C:\Users\Marie-Luise\Desktop\adwcleaner_5.022.exe
2015-11-29 20:00 - 2015-11-29 20:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-29 20:00 - 2015-11-29 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-29 19:59 - 2015-11-29 20:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-29 19:59 - 2015-11-29 19:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-29 19:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-29 19:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-29 19:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-29 19:57 - 2015-11-29 19:59 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe.part
2015-11-29 19:57 - 2015-11-29 19:58 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-29 19:51 - 2015-11-29 21:13 - 00000064 _____ C:\Users\Marie-Luise\.screenleap
2015-11-29 19:51 - 2015-11-29 20:29 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\Screenleap
2015-11-29 19:51 - 2015-11-29 19:51 - 00002000 _____ C:\Users\Marie-Luise\Desktop\Screenleap.lnk
2015-11-25 21:59 - 2015-11-25 21:59 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\pendulum-28
2015-11-25 21:57 - 2015-11-25 21:57 - 00000000 ____D C:\ProgramData\molecule-26
2015-11-25 21:54 - 2015-11-28 21:07 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\doublers-6
2015-11-25 21:52 - 2015-11-25 23:02 - 00000000 ____D C:\ProgramData\powercap-44
2015-11-18 19:00 - 2015-11-18 21:40 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\glonass-89
2015-11-15 17:20 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-13 08:38 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-13 08:38 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-13 08:38 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-13 08:38 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-13 08:38 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-13 08:38 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-13 08:38 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-13 08:38 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-13 08:38 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-13 08:38 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-13 08:35 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-13 08:35 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-13 08:35 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-13 08:35 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-13 08:35 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-13 08:35 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-13 08:35 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-13 08:35 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-13 08:35 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-13 08:35 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-13 08:35 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-13 08:35 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-13 08:35 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-13 08:35 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-13 08:35 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-13 08:35 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-13 08:35 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-13 08:35 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-13 08:35 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-13 08:35 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-13 08:35 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-13 08:35 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-13 08:35 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-13 08:35 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-13 08:35 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-13 08:35 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-13 08:35 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-13 08:35 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-13 08:35 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-13 08:35 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-13 08:35 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-13 08:35 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-13 08:35 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-13 08:35 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-13 08:35 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-13 08:35 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-13 08:35 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-13 08:35 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-13 08:35 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-13 08:35 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-13 08:35 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-13 08:35 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-13 08:35 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-13 08:35 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-13 08:35 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-13 08:35 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-13 08:35 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-13 08:35 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-13 08:35 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-13 08:35 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-13 08:35 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-13 08:35 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-13 08:35 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-13 08:35 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-13 08:35 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-13 08:35 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-13 08:35 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-13 08:35 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-13 08:35 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-13 08:35 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-13 08:35 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-13 08:35 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-13 08:35 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-13 08:35 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-13 08:33 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-13 08:32 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-13 08:32 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-13 08:32 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-13 08:32 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-13 08:32 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-13 08:32 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-13 08:32 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-13 08:32 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-13 08:32 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-13 08:32 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-13 08:32 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-13 08:32 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 
00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-13 08:32 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-13 08:32 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-13 08:32 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-13 08:32 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00005120 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-13 08:32 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-13 08:32 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-13 08:32 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-11-13 08:32 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-11-13 08:32 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 
00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-13 08:32 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-13 08:32 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-13 08:32 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-13 08:32 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-13 08:32 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-13 08:32 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-13 08:31 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-11-13 08:31 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-13 08:31 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-11-11 21:39 - 2015-11-14 17:48 - 00000000 ____D C:\ProgramData\en ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-29 21:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-11-29 21:08 - 2015-08-18 19:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-29 20:28 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-29 20:28 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-29 20:26 - 2014-08-19 13:14 - 00699342 _____ C:\Windows\system32\perfh007.dat 2015-11-29 20:26 - 2014-08-19 13:14 - 00149450 _____ C:\Windows\system32\perfc007.dat 2015-11-29 20:26 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-11-29 20:20 - 2014-08-19 03:53 - 00000000 ____D C:\ProgramData\Validity 2015-11-29 20:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 19:51 - 2015-05-05 19:38 - 00000000 ____D C:\Users\Marie-Luise 2015-11-18 21:52 - 2014-08-19 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-11-18 21:50 - 2014-08-19 04:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-11-17 18:25 - 2014-01-30 22:17 - 00000000 __SHD C:\Users\Marie-Luise\AppData\Roaming\aghubwrh 2015-11-16 18:49 - 2009-07-14 05:45 - 00353816 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-15 20:49 - 2014-08-18 20:55 - 00000000 ____D C:\ProgramData\Lenovo 2015-11-15 20:48 - 2014-08-19 03:55 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2015-11-15 20:48 - 2014-08-19 03:51 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2015-11-15 20:48 - 2014-08-19 03:41 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-11-15 17:08 - 2015-08-18 19:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-15 17:08 - 2015-05-23 19:20 - 00780488 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-15 17:08 - 2015-05-23 19:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-13 08:37 - 2014-01-30 22:46 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-13 08:35 - 2014-02-03 15:34 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-10 18:33 - 2015-05-16 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-10 18:33 - 2014-08-19 03:44 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-09 18:32 - 2015-05-16 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-01 20:08 - 2015-10-25 21:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 20:08 - 2015-07-05 19:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-25 17:00 - 2015-05-25 17:00 - 16342352 _____ (Geek Software GmbH ) C:\Program Files (x86)\pdf24-creator-6.9.2.exe 2015-05-21 06:48 - 2015-05-21 06:48 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-08-19 03:53 - 2014-08-19 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-08-19 03:58 - 2014-08-19 03:59 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log 2014-08-19 03:56 - 2014-08-19 03:57 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2014-08-19 03:57 - 2014-08-19 03:58 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2014-08-19 03:58 - 2014-08-19 03:58 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log Einige Dateien in TEMP: ==================== C:\Users\Marie-Luise\AppData\Local\Temp\avgnt.exe C:\Users\Marie-Luise\AppData\Local\Temp\sqlite3.dll Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\SysWOW64\dlumd10.dll C:\Windows\SysWOW64\dlumd11.dll C:\Windows\SysWOW64\dlumd9.dll 
C:\Windows\System32\dlumd10.dll C:\Windows\System32\dlumd11.dll C:\Windows\System32\dlumd9.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-25 15:01 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015 durchgeführt von Marie-Luise (2015-11-29 21:19:32) Gestartet von C:\Users\Marie-Luise\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-05-05 18:38:17) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1401465016-1591747146-3379758321-500 - Administrator - Disabled) Gast (S-1-5-21-1401465016-1591747146-3379758321-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1401465016-1591747146-3379758321-1002 - Limited - Enabled) Marie-Luise (S-1-5-21-1401465016-1591747146-3379758321-1001 - Administrator - Enabled) => C:\Users\Marie-Luise ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. 
KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.62.50 - Conexant) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150424 - Landesfinanzdirektion Thüringen) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.64.1 - Lenovo Group Limited) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.3 - Vimicro) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation) Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - ) Lenovo Fingerprint Manager (HKLM\...\{D6006D3A-B3F5-48DC-8CC0-D353912379F3}) (Version: 4.5.289.0 - Synaptics) Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.289.0 - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0013 - Lenovo) Lenovo USB 
Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo) Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.15 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.04.382 - Huawei Technologies Co.,Ltd) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21234 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek) Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.40 - Synaptics Incorporated) Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation) Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 13-10-2015 19:55:45 Windows Update 11-11-2015 21:42:10 Windows Update 13-11-2015 08:29:39 Windows Update 13-11-2015 08:34:45 Windows Update 14-11-2015 17:47:36 Windows Update 15-11-2015 21:57:56 Windows Update 17-11-2015 18:31:47 Free Antivirus - 17.11.2015 18:31 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {16A98A40-6353-410F-BD28-5345C3E2DBFE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {170F753F-2D86-4F1F-9CE1-4AA1A116B757} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {2EFA6B85-313D-4DD0-B0EC-F2F364F27095} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {474F4629-0DE0-49C2-9D0C-EBF7918BE7D0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-29] () Task: {4E62F553-C70D-4BC3-B8D2-453C72CBEFF9} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {5F6F5F29-C047-400D-BD94-3D79F9F6CB0E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2013-10-21] (Lenovo Group Limited) Task: {7B3C18C9-06C4-485E-AEE2-91B94C98115F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {B2853026-549C-413A-AA6D-1DAF46B17F70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) Task: {B9E972D3-A324-4B34-9048-0E6C4FC35A6E} - 
System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) Task: {BDB79BDC-99DF-47C8-9513-0EFF6CD0C369} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) Task: {C3D0177B-A8A2-4DEE-B8BD-BDC9EAFD18DC} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe Task: {CD821E1D-24FE-4AC5-AE1D-F3A372670DF9} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {D29C9B0D-7B4F-442B-996D-3F2C93DED596} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {D5E0EB99-D92E-4F82-8685-FC48AC7298EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E9CB273F-6CEF-4BA3-87EC-C20EE48E7600} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-02 18:45 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2010-05-08 12:48 - 2010-05-08 12:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe 2014-08-19 03:51 - 2013-10-21 23:04 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2014-08-19 03:45 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2014-08-19 03:39 - 2013-05-16 09:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-05-16 22:15 - 2015-05-07 21:20 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-05-16 22:15 - 2015-05-07 21:20 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-05-16 22:15 - 2015-05-07 21:20 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 

HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{19CCF886-E8AC-4BE6-8588-095562D3E5F8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E6EE83DD-7E36-419E-9EAD-11E70FF5AC53}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{78EE11AE-7BAF-4D29-9A6B-D2DC562442FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F8B03271-CC30-4390-B53F-321E951E6ECB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3A91B0D-E7FA-477D-AC4E-3E9B2CCAE2B6}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{584F2355-8676-46E0-9165-282BAFE01DDC}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{17525D02-32D4-4C7B-8D25-7D7E990BAECB}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{C5EAB0C6-B0D9-4803-92E6-E3338DFEDD26}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{E3B484FE-6055-466D-B607-E6B57FF8676B}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0048073E-4041-42F9-94E3-F25516F9143D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3D2F336D-7117-49FD-B8A2-FC194C9598F5}] => (Allow) C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{9D60C568-89F2-42DB-9DEC-7D1704875119}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E921CD51-E941-4B81-A1A6-C79D2F14FDCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C7F4936-989A-4354-81B0-7FA153E46F75}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{F808B78E-F593-47C1-B7ED-C600D8D5916B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/29/2015 08:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 07:32:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2015 08:47:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2015 06:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2015 10:54:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2015 09:51:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2015 06:30:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2015 01:21:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2015 09:06:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2015 06:44:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (11/29/2015 08:20:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 29.11.2015 um 20:19:30 unerwartet heruntergefahren.

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (11/29/2015 08:19:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/29/2015 08:19:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo PM Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/29/2015 08:19:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (11/29/2015 08:19:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-4100M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3810.46 MB
Verfügbarer physikalischer RAM: 1459.78 MB
Summe virtueller Speicher: 7619.12 MB
Verfügbarer virtueller Speicher: 4434.14 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:301.89 GB) (Free:248.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Volume) (Fixed) (Total:146.48 GB) (Free:120.8 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.92 GB) (Free:4.03 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 49FC2C21)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=301.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

29.11.2015, 21:48 | #4 |
| Windows7: Trojan, registry infected, HKU, HKCU
And here is the log file from TDSS.
Code:
21:24:07.0173 0x13e8 TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
21:24:13.0210 0x13e8 ============================================================
21:24:13.0210 0x13e8 Current date / time: 2015/11/29 21:24:13.0210
21:24:13.0210 0x13e8 SystemInfo:
21:24:13.0210 0x13e8
21:24:13.0210 0x13e8 OS Version: 6.1.7601 ServicePack: 1.0
21:24:13.0210 0x13e8 Product type: Workstation
21:24:13.0210 0x13e8 ComputerName: MARIE-NOTEBOOK
21:24:13.0210 0x13e8 UserName: Marie-Luise
21:24:13.0210 0x13e8 Windows directory: C:\Windows
21:24:13.0210 0x13e8 System windows directory: C:\Windows
21:24:13.0210 0x13e8 Running under WOW64
21:24:13.0210 0x13e8 Processor architecture: Intel x64
21:24:13.0210 0x13e8 Number of processors: 4
21:24:13.0210 0x13e8 Page size: 0x1000
21:24:13.0210 0x13e8 Boot type: Normal boot
21:24:13.0210 0x13e8 ============================================================
21:24:13.0398 0x13e8 KLMD registered as C:\Windows\system32\drivers\09129714.sys
21:24:14.0006 0x13e8 System UUID: {4A4C0AD2-3B98-8D29-1106-303787C730DD}
21:24:14.0927 0x13e8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:24:14.0942 0x13e8 ============================================================
21:24:14.0942 0x13e8 \Device\Harddisk0\DR0:
21:24:14.0942 0x13e8 MBR partitions:
21:24:14.0942 0x13e8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
21:24:14.0942 0x13e8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x25BC8800
21:24:14.0958 0x13e8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x25EB7800, BlocksNum 0x124F8000
21:24:14.0958 0x13e8 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x383AF800, BlocksNum 0x1FD6000
21:24:14.0958 0x13e8 ============================================================
21:24:15.0005 0x13e8 C: <-> \Device\Harddisk0\DR0\Partition2
21:24:15.0051 0x13e8 Q: <-> \Device\Harddisk0\DR0\Partition4
21:24:15.0098 0x13e8 D: <-> \Device\Harddisk0\DR0\Partition3
21:24:15.0098 0x13e8 ============================================================
21:24:15.0098 0x13e8 Initialize success
21:24:15.0098 0x13e8 ============================================================
21:24:21.0869 0x0204 ============================================================
21:24:21.0869 0x0204 Scan started
21:24:21.0869 0x0204 Mode: Manual;
21:24:21.0869 0x0204 ============================================================
21:24:21.0869 0x0204 KSN ping started
21:24:35.0367 0x0204 KSN ping finished: true
21:24:37.0459 0x0204 ================ Scan system memory ========================
21:24:37.0459 0x0204 System memory - ok
21:24:37.0460 0x0204 ================ Scan services =============================
D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 21:24:43.0475 0x0204 fdc - ok 21:24:43.0489 0x0204 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 21:24:43.0491 0x0204 fdPHost - ok 21:24:43.0497 0x0204 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 21:24:43.0499 0x0204 FDResPub - ok 21:24:43.0504 0x0204 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:24:43.0507 0x0204 FileInfo - ok 21:24:43.0511 0x0204 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:24:43.0512 0x0204 Filetrace - ok 21:24:43.0515 0x0204 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:24:43.0516 0x0204 flpydisk - ok 21:24:43.0537 0x0204 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:24:43.0544 0x0204 FltMgr - ok 21:24:43.0597 0x0204 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 21:24:43.0629 0x0204 FontCache - ok 21:24:43.0655 0x0204 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:24:43.0657 0x0204 FontCache3.0.0.0 - ok 21:24:43.0661 0x0204 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends 
C:\Windows\system32\drivers\FsDepends.sys 21:24:43.0663 0x0204 FsDepends - ok 21:24:43.0668 0x0204 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:24:43.0669 0x0204 Fs_Rec - ok 21:24:43.0678 0x0204 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:24:43.0683 0x0204 fvevol - ok 21:24:43.0700 0x0204 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:24:43.0701 0x0204 gagp30kx - ok 21:24:43.0735 0x0204 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 21:24:43.0751 0x0204 gpsvc - ok 21:24:43.0772 0x0204 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:24:43.0774 0x0204 hcw85cir - ok 21:24:43.0791 0x0204 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:24:43.0799 0x0204 HdAudAddService - ok 21:24:43.0833 0x0204 [ 12DED0995AE2BA68EBBE70E14A76EE02, 54A658F4E8D6D98594BE43289083AD4267EB6B3F99D789A75719DBCA5188E87F ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:24:43.0837 0x0204 HDAudBus - ok 21:24:43.0840 0x0204 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:24:43.0841 0x0204 HidBatt - ok 21:24:43.0848 0x0204 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:24:43.0850 0x0204 HidBth - ok 21:24:43.0854 0x0204 [ 0A77D29F311B88CFAE3B13F9C1A73825, 
8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:24:43.0856 0x0204 HidIr - ok 21:24:43.0872 0x0204 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 21:24:43.0873 0x0204 hidserv - ok 21:24:43.0878 0x0204 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:24:43.0879 0x0204 HidUsb - ok 21:24:43.0889 0x0204 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:24:43.0893 0x0204 hkmsvc - ok 21:24:43.0910 0x0204 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:24:43.0916 0x0204 HomeGroupListener - ok 21:24:43.0933 0x0204 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:24:43.0938 0x0204 HomeGroupProvider - ok 21:24:43.0943 0x0204 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:24:43.0945 0x0204 HpSAMD - ok 21:24:43.0987 0x0204 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:24:44.0004 0x0204 HTTP - ok 21:24:44.0024 0x0204 [ 08B1A06A55F068A17A51BA26618CF50F, 8ADFC9D3003208A9B3BE12DCD1418A13C4D19E13E00EFEE556EF87B70F49B2E6 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys 21:24:44.0027 0x0204 huawei_enumerator - ok 21:24:44.0050 0x0204 [ 6E5CD3984742A922D0C183C7E82C3C94, EE350C8736F0AC6751E18694E1F1142477112C8C2D83347C1EE9483BEC0DA117 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 21:24:44.0054 
0x0204 hwdatacard - ok 21:24:44.0062 0x0204 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:24:44.0063 0x0204 hwpolicy - ok 21:24:44.0076 0x0204 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:24:44.0079 0x0204 i8042prt - ok 21:24:44.0117 0x0204 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 21:24:44.0127 0x0204 iaStorA - ok 21:24:44.0145 0x0204 [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 21:24:44.0147 0x0204 iaStorF - ok 21:24:44.0160 0x0204 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:24:44.0169 0x0204 iaStorV - ok 21:24:44.0203 0x0204 [ B005844661028E11480D724A709CC298, DC738AA0246581814915160BA824C2DB9009E6CFCCDB6A268F08C8D13F52BEB0 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 21:24:44.0206 0x0204 IBMPMDRV - ok 21:24:44.0215 0x0204 [ ED802CE6B36E280401197F593634C1DD, 620F2D5F40B8E61DE606FC1B1B1DCDD12BE7431E065F9CB776FDCFF915B1D243 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 21:24:44.0216 0x0204 IBMPMSVC - ok 21:24:44.0257 0x0204 [ 617EEDD27FB557C9D95D68096564C930, 59AA6F9884C9B504D5B524B6EFF8148669251085FAF12AE3634F0C753850CDC3 ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys 21:24:44.0260 0x0204 ibtusb - ok 21:24:44.0324 0x0204 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:24:44.0342 0x0204 idsvc - ok 21:24:44.0347 0x0204 IEEtwCollectorService - ok 21:24:44.0521 0x0204 [ 
AEF200DC087141A5F66A6B006D2F0FD4, A38A0684637D9FE58271D91B93184A72414948E35145D19246BF6FBC60E28B3C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:24:44.0687 0x0204 igfx - ok 21:24:44.0697 0x0204 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:24:44.0698 0x0204 iirsp - ok 21:24:44.0738 0x0204 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:24:44.0757 0x0204 IKEEXT - ok 21:24:44.0783 0x0204 [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 21:24:44.0786 0x0204 intaud_WaveExtensible - ok 21:24:44.0824 0x0204 [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:24:44.0834 0x0204 IntcDAud - ok 21:24:44.0904 0x0204 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 21:24:44.0921 0x0204 Intel(R) Capability Licensing Service Interface - ok 21:24:44.0923 0x1844 Object send P2P result: true 21:24:44.0948 0x0204 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 21:24:44.0966 0x0204 Intel(R) Capability Licensing Service TCP IP Interface - ok 21:24:44.0971 0x0204 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:24:44.0972 0x0204 intelide - ok 21:24:44.0976 0x0204 [ ADA036632C664CAA754079041CF1F8C1, 
F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:24:44.0977 0x0204 intelppm - ok 21:24:44.0988 0x0204 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:24:44.0991 0x0204 IPBusEnum - ok 21:24:45.0001 0x0204 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:24:45.0004 0x0204 IpFilterDriver - ok 21:24:45.0033 0x0204 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:24:45.0047 0x0204 iphlpsvc - ok 21:24:45.0052 0x0204 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:24:45.0054 0x0204 IPMIDRV - ok 21:24:45.0058 0x0204 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:24:45.0061 0x0204 IPNAT - ok 21:24:45.0067 0x0204 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:24:45.0068 0x0204 IRENUM - ok 21:24:45.0071 0x0204 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:24:45.0072 0x0204 isapnp - ok 21:24:45.0093 0x0204 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:24:45.0099 0x0204 iScsiPrt - ok 21:24:45.0117 0x0204 [ 72B203A1F805C07E920E537414A0EA5F, 7EFB2A397034FF3D451D1763865E8AA330D8D4656E7C6F8CDA6489868023C36E ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 21:24:45.0119 0x0204 
iusb3hcs - ok 21:24:45.0138 0x0204 [ 474BFFCF3214208C5FD440217D34FE6E, 181E4A091B24E8FBB9C1072E1FD2BABB1B0AD68D1112563A70A791FA3546D4CE ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 21:24:45.0147 0x0204 iusb3hub - ok 21:24:45.0188 0x0204 [ 842A11F2020CD94A0120E61F902E3664, 464EDED37258A22AC38C007524E34ED1A795E5607FF8BD322455A8F76CB4BDCE ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 21:24:45.0205 0x0204 iusb3xhc - ok 21:24:45.0217 0x0204 [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 21:24:45.0219 0x0204 iwdbus - ok 21:24:45.0275 0x0204 [ 9BFDEFD51800A2D47D43919653F4BEF4, C7221D9F82F7F04343EDA6FE41A4EC4C97F6DC4170780AA3983C8735369A5026 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 21:24:45.0284 0x0204 jhi_service - ok 21:24:45.0290 0x0204 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:24:45.0292 0x0204 kbdclass - ok 21:24:45.0297 0x0204 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:24:45.0299 0x0204 kbdhid - ok 21:24:45.0342 0x0204 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 21:24:45.0345 0x0204 KeyIso - ok 21:24:45.0375 0x0204 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:24:45.0377 0x0204 KSecDD - ok 21:24:45.0391 0x0204 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:24:45.0396 0x0204 KSecPkg - ok 21:24:45.0414 0x0204 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:24:45.0416 0x0204 ksthunk - ok 21:24:45.0449 0x0204 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:24:45.0457 0x0204 KtmRm - ok 21:24:45.0484 0x0204 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:24:45.0491 0x0204 LanmanServer - ok 21:24:45.0507 0x0204 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:24:45.0512 0x0204 LanmanWorkstation - ok 21:24:45.0549 0x0204 [ D253E6009F05776F505F96866CCF460F, 8A39E77B4FC780BB9C6C8A892603248D87ED70255BF9BED0218BE2420B5E8C53 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 21:24:45.0555 0x0204 Lenovo.VIRTSCRLSVC - ok 21:24:45.0573 0x0204 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:24:45.0578 0x0204 lltdio - ok 21:24:45.0614 0x0204 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:24:45.0624 0x0204 lltdsvc - ok 21:24:45.0640 0x0204 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:24:45.0643 0x0204 lmhosts - ok 21:24:45.0683 0x0204 [ 9FE032AD8751C5DDCF01DE26C1EE84BC, FAE072D7FCAED0987EA7D822238521A7CF96662F8EFD154515EA2A6C5B4E64F5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:24:45.0694 0x0204 LMS - ok 21:24:45.0784 0x0204 [ CE87E8E09273791172F7A1C60B225648, 03AB8A69C5A58FD3BCFF9E36FF83338B6866D82E4E550CD7CED686C4CC096DC1 ] LSCWinService C:\Program 
Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe 21:24:45.0790 0x0204 LSCWinService - ok 21:24:45.0824 0x0204 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:24:45.0829 0x0204 LSI_FC - ok 21:24:45.0834 0x0204 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:24:45.0836 0x0204 LSI_SAS - ok 21:24:45.0842 0x0204 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:24:45.0844 0x0204 LSI_SAS2 - ok 21:24:45.0861 0x0204 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:24:45.0865 0x0204 LSI_SCSI - ok 21:24:45.0870 0x0204 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 21:24:45.0873 0x0204 luafv - ok 21:24:45.0903 0x0204 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:24:45.0905 0x0204 MBAMProtector - ok 21:24:46.0018 0x0204 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 21:24:46.0072 0x0204 MBAMScheduler - ok 21:24:46.0138 0x0204 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 21:24:46.0172 0x0204 MBAMService - ok 21:24:46.0213 0x0204 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy 
C:\Windows\system32\drivers\MBAMSwissArmy.sys 21:24:46.0229 0x0204 MBAMSwissArmy - ok 21:24:46.0250 0x0204 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 21:24:46.0252 0x0204 MBAMWebAccessControl - ok 21:24:46.0322 0x0204 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe 21:24:46.0330 0x0204 McComponentHostService - ok 21:24:46.0359 0x0204 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:24:46.0362 0x0204 Mcx2Svc - ok 21:24:46.0372 0x0204 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 21:24:46.0373 0x0204 megasas - ok 21:24:46.0381 0x0204 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:24:46.0389 0x0204 MegaSR - ok 21:24:46.0420 0x0204 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 21:24:46.0422 0x0204 MEIx64 - ok 21:24:46.0440 0x0204 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:24:46.0443 0x0204 MMCSS - ok 21:24:46.0452 0x0204 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:24:46.0453 0x0204 Modem - ok 21:24:46.0474 0x0204 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:24:46.0475 0x0204 monitor - ok 21:24:46.0483 0x0204 
[ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:24:46.0486 0x0204 mouclass - ok 21:24:46.0492 0x0204 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:24:46.0493 0x0204 mouhid - ok 21:24:46.0511 0x0204 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:24:46.0514 0x0204 mountmgr - ok 21:24:46.0520 0x0204 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:24:46.0525 0x0204 mpio - ok 21:24:46.0532 0x0204 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:24:46.0534 0x0204 mpsdrv - ok 21:24:46.0570 0x0204 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:24:46.0589 0x0204 MpsSvc - ok 21:24:46.0614 0x0204 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:24:46.0619 0x0204 MRxDAV - ok 21:24:46.0649 0x0204 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:24:46.0653 0x0204 mrxsmb - ok 21:24:46.0670 0x0204 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:24:46.0677 0x0204 mrxsmb10 - ok 21:24:46.0708 0x0204 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:24:46.0712 
0x0204 mrxsmb20 - ok 21:24:46.0727 0x0204 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:24:46.0730 0x0204 msahci - ok 21:24:46.0735 0x0204 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:24:46.0739 0x0204 msdsm - ok 21:24:46.0753 0x0204 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:24:46.0758 0x0204 MSDTC - ok 21:24:46.0778 0x0204 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:24:46.0780 0x0204 Msfs - ok 21:24:46.0790 0x0204 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:24:46.0791 0x0204 mshidkmdf - ok 21:24:46.0797 0x0204 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:24:46.0798 0x0204 msisadrv - ok 21:24:46.0820 0x0204 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:24:46.0828 0x0204 MSiSCSI - ok 21:24:46.0832 0x0204 msiserver - ok 21:24:46.0841 0x0204 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:24:46.0843 0x0204 MSKSSRV - ok 21:24:46.0850 0x0204 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:24:46.0852 0x0204 MSPCLOCK - ok 21:24:46.0855 0x0204 [ 4ED981241DB27C3383D72092B618A1D0, 
E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:24:46.0856 0x0204 MSPQM - ok 21:24:46.0871 0x0204 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:24:46.0879 0x0204 MsRPC - ok 21:24:46.0890 0x0204 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:24:46.0891 0x0204 mssmbios - ok 21:24:46.0894 0x0204 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:24:46.0896 0x0204 MSTEE - ok 21:24:46.0899 0x0204 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:24:46.0900 0x0204 MTConfig - ok 21:24:46.0908 0x0204 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 21:24:46.0911 0x0204 Mup - ok 21:24:46.0966 0x0204 [ 35739E6A0C67147A9B75226946CDC903, C9DE77D6812C778F601F52E87ECDD228E52EA691AB9CEAD388998A7B5AFC3B89 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 21:24:46.0975 0x0204 MyWiFiDHCPDNS - ok 21:24:47.0017 0x0204 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 21:24:47.0026 0x0204 napagent - ok 21:24:47.0046 0x0204 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:24:47.0054 0x0204 NativeWifiP - ok 21:24:47.0112 0x0204 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:24:47.0132 0x0204 NDIS - ok 
|
29.11.2015, 21:50 | #5 |
| Windows7: Trojan, registry infected, HKU, HKCU TDSS log file, part 2: Code:
0x0204 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:24:53.0057 0x0204 WANARP - ok 21:24:53.0062 0x0204 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:24:53.0065 0x0204 Wanarpv6 - ok 21:24:53.0111 0x0204 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 21:24:53.0151 0x0204 wbengine - ok 21:24:53.0160 0x0204 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:24:53.0166 0x0204 WbioSrvc - ok 21:24:53.0176 0x0204 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:24:53.0186 0x0204 wcncsvc - ok 21:24:53.0195 0x0204 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:24:53.0198 0x0204 WcsPlugInService - ok 21:24:53.0202 0x0204 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:24:53.0203 0x0204 Wd - ok 21:24:53.0229 0x0204 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:24:53.0246 0x0204 Wdf01000 - ok 21:24:53.0262 0x0204 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:24:53.0282 0x0204 WdiServiceHost - ok 21:24:53.0286 0x0204 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 
21:24:53.0289 0x0204 WdiSystemHost - ok 21:24:53.0325 0x0204 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 21:24:53.0333 0x0204 WebClient - ok 21:24:53.0347 0x0204 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:24:53.0354 0x0204 Wecsvc - ok 21:24:53.0361 0x0204 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:24:53.0365 0x0204 wercplsupport - ok 21:24:53.0370 0x0204 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 21:24:53.0374 0x0204 WerSvc - ok 21:24:53.0378 0x0204 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:24:53.0379 0x0204 WfpLwf - ok 21:24:53.0392 0x0204 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:24:53.0393 0x0204 WIMMount - ok 21:24:53.0439 0x0204 WinDefend - ok 21:24:53.0445 0x0204 WinHttpAutoProxySvc - ok 21:24:53.0482 0x0204 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:24:53.0489 0x0204 Winmgmt - ok 21:24:53.0559 0x0204 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 21:24:53.0651 0x0204 WinRM - ok 21:24:53.0683 0x0204 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 21:24:53.0686 0x0204 WinUsb - ok 21:24:53.0714 0x0204 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, 
CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:24:53.0735 0x0204 Wlansvc - ok 21:24:53.0742 0x0204 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:24:53.0744 0x0204 WmiAcpi - ok 21:24:53.0786 0x0204 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:24:53.0791 0x0204 wmiApSrv - ok 21:24:53.0804 0x0204 WMPNetworkSvc - ok 21:24:53.0822 0x0204 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:24:53.0824 0x0204 WPCSvc - ok 21:24:53.0839 0x0204 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:24:53.0844 0x0204 WPDBusEnum - ok 21:24:53.0852 0x0204 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:24:53.0853 0x0204 ws2ifsl - ok 21:24:53.0877 0x0204 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 21:24:53.0880 0x0204 wscsvc - ok 21:24:53.0885 0x0204 WSearch - ok 21:24:53.0986 0x0204 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll 21:24:54.0059 0x0204 wuauserv - ok 21:24:54.0182 0x0204 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:24:54.0189 0x0204 WudfPf - ok 21:24:54.0222 0x0204 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd 
C:\Windows\system32\DRIVERS\WUDFRd.sys 21:24:54.0230 0x0204 WUDFRd - ok 21:24:54.0238 0x0204 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:24:54.0244 0x0204 wudfsvc - ok 21:24:54.0302 0x0204 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:24:54.0316 0x0204 WwanSvc - ok 21:24:54.0514 0x0204 [ C3FFB098C24A82B61E1818C3BB978B48, C7BC57A8D549B7478052F05FD0B4C623F1B70187358FD3CB5A7E9B5092FBD75F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 21:24:54.0668 0x0204 ZeroConfigService - ok 21:24:54.0700 0x0204 ================ Scan global =============================== 21:24:54.0728 0x0204 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:24:54.0756 0x0204 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 21:24:54.0769 0x0204 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 21:24:54.0786 0x0204 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:24:54.0814 0x0204 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:24:54.0822 0x0204 [ Global ] - ok 21:24:54.0822 0x0204 ================ Scan MBR ================================== 21:24:54.0836 0x0204 [ 3C10CC64408FD361AA392029816603BE ] \Device\Harddisk0\DR0 21:24:55.0091 0x0204 \Device\Harddisk0\DR0 - ok 21:24:55.0092 0x0204 ================ Scan VBR ================================== 21:24:55.0095 0x0204 [ A268329E47236A1427D06FE623E25EDF ] \Device\Harddisk0\DR0\Partition1 
21:24:55.0109 0x0204 \Device\Harddisk0\DR0\Partition1 - ok 21:24:55.0113 0x0204 [ 1BCC9905345EA33A52D3456ED16A5665 ] \Device\Harddisk0\DR0\Partition2 21:24:55.0120 0x0204 \Device\Harddisk0\DR0\Partition2 - ok 21:24:55.0142 0x0204 [ B54B30046ACAA40F06DB991EADCAD0E4 ] \Device\Harddisk0\DR0\Partition3 21:24:55.0145 0x0204 \Device\Harddisk0\DR0\Partition3 - ok 21:24:55.0150 0x0204 [ DFCA5FC290B016A3096325987A5D7C65 ] \Device\Harddisk0\DR0\Partition4 21:24:55.0173 0x0204 \Device\Harddisk0\DR0\Partition4 - ok 21:24:55.0173 0x0204 ================ Scan generic autorun ====================== 21:24:55.0310 0x0204 [ 18CE3B3E42FBDF53883AE982152A0B45, E9E0DBA4CBE3B6CA7CE76591D65878ADB65DD4F3AF2CEAD0BD63559AE646AEB6 ] C:\Windows\system32\igfxtray.exe 21:24:55.0315 0x0204 IgfxTray - ok 21:24:55.0329 0x0204 [ FF71518046D79001513377100B79E2A3, 668057BF2B23212DA0C83849339D74949AE24E7F7866A2B9DE1D973E52F1BC3A ] C:\Windows\system32\hkcmd.exe 21:24:55.0340 0x0204 HotKeysCmds - ok 21:24:55.0374 0x0204 [ 763F57136C09C4A9E5B7C155400239CC, B661C8137322562E9014D946C7B58FAA15BC3948A1509A1B5A6DAEDCBF9FCA8C ] C:\Windows\system32\igfxpers.exe 21:24:55.0385 0x0204 Persistence - ok 21:24:55.0429 0x0204 [ 9E1738D18C61E6935AD0E8EE19D100D8, C2864677359A977CB67F16664DF44C4001CF4C04AD29401450D1BC3CDD9421AD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 21:24:55.0448 0x0204 cAudioFilterAgent - ok 21:24:55.0473 0x0204 [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe 21:24:55.0475 0x0204 ForteConfig - ok 21:24:55.0540 0x0204 [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe 21:24:55.0590 0x0204 SmartAudio - ok 21:24:55.0615 0x0204 [ 78C0F0EA63438D2441E7F9CAC9619889, DA121F5637D8BA09EE9BFAD58757775B4775EFCCC06DC1DEF68F26C90C0F985F ] C:\Windows\system32\TpShocks.exe 21:24:55.0624 0x0204 
TpShocks - ok 21:24:55.0667 0x0204 [ 4420BBAC770EB87AB74E4B9146E18924, 6DB78DB9FD72F1E8C7651D2B3FF090CB4A8C90BA0D11F69D533960CE67170CFC ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe 21:24:55.0672 0x0204 BLEServicesCtrl - ok 21:24:55.0674 0x0204 BTMTrayAgent - ok 21:24:55.0674 0x0204 SynTPEnh - ok 21:24:55.0713 0x0204 [ 2438CD7EFF8399E41B29A3D0DB0873D9, 5EA16FBF213E81013DE3FC83319C6A75214513A2AEE6A5403742348F739031D4 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 21:24:55.0717 0x0204 IMSS - ok 21:24:55.0803 0x0204 [ E0E7C48CAF25943DB1B034364501134A, 6F3D325F82448668EBEBEE1DEA7CC686DE6ED37E903F28FE3521B4018F427B62 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 21:24:55.0818 0x0204 USB3MON - ok 21:24:55.0862 0x0204 [ FA6220C7FDF2D94CFF82D45B72E5C929, C3E414388F8818EC4B3BEABC8ED16DE6CBF965A6603328A45AD6D9A1808F3E55 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE 21:24:55.0874 0x0204 331BigDog - ok 21:24:55.0876 0x0204 PWMTRV - ok 21:24:55.0976 0x0204 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 21:24:56.0009 0x0204 avgnt - ok 21:24:56.0080 0x0204 [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 21:24:56.0085 0x0204 HP Software Update - ok 21:24:56.0214 0x0204 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:24:56.0259 0x0204 Sidebar - ok 21:24:56.0287 0x0204 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:24:56.0289 0x0204 mctadmin - ok 21:24:56.0336 0x0204 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 
8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:24:56.0355 0x0204 Sidebar - ok 21:24:56.0363 0x0204 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:24:56.0365 0x0204 mctadmin - ok 21:24:56.0601 0x0204 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe 21:24:56.0672 0x0204 HP Officejet 6700 (NET) - ok 21:24:56.0675 0x0204 Web Companion - ok 21:24:57.0508 0x0204 [ 1FA9AC9760AA04253B4D5D7DD8BF1073, 8514D8C242495A2214321A501C04455428471A884C558B4983CEBC6FD71B11F7 ] C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe 21:24:57.0564 0x0204 Screenleap - ok 21:24:57.0602 0x0204 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:24:57.0608 0x0204 Uninstall C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64 - ok 21:24:57.0609 0x0204 Waiting for KSN requests completion. In queue: 123 21:24:58.0609 0x0204 Waiting for KSN requests completion. In queue: 123 21:24:59.0609 0x0204 Waiting for KSN requests completion. In queue: 123 21:25:00.0609 0x0204 Waiting for KSN requests completion. 
In queue: 123 21:25:01.0642 0x0204 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated ) 21:25:01.0699 0x0204 Win FW state via NFP2: enabled ( trusted ) 21:25:04.0101 0x0204 ============================================================ 21:25:04.0101 0x0204 Scan finished 21:25:04.0101 0x0204 ============================================================ 21:25:04.0109 0x1d00 Detected object count: 0 21:25:04.0109 0x1d00 Actual detected object count: 0 21:27:18.0622 0x1a90 ============================================================ 21:27:18.0622 0x1a90 Scan started 21:27:18.0622 0x1a90 Mode: Manual; 21:27:18.0623 0x1a90 ============================================================ 21:27:18.0623 0x1a90 KSN ping started 21:27:20.0969 0x1a90 KSN ping finished: true 21:27:21.0457 0x1a90 ================ Scan system memory ======================== 21:27:21.0457 0x1a90 System memory - ok 21:27:21.0457 0x1a90 ================ Scan services ============================= 21:27:21.0569 0x1a90 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:27:21.0581 0x1a90 1394ohci - ok 21:27:21.0598 0x1a90 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:27:21.0608 0x1a90 ACPI - ok 21:27:21.0616 0x1a90 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:27:21.0616 0x1a90 AcpiPmi - ok 21:27:21.0674 0x1a90 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:27:21.0678 0x1a90 AdobeARMservice - ok 21:27:21.0783 0x1a90 [ 280A526E8111AC6A5BCC1A059E1E0340, 
FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:27:21.0797 0x1a90 AdobeFlashPlayerUpdateSvc - ok 21:27:21.0828 0x1a90 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:27:21.0841 0x1a90 adp94xx - ok 21:27:21.0862 0x1a90 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:27:21.0868 0x1a90 adpahci - ok 21:27:21.0876 0x1a90 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:27:21.0879 0x1a90 adpu320 - ok 21:27:21.0905 0x1a90 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:27:21.0907 0x1a90 AeLookupSvc - ok 21:27:21.0943 0x1a90 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 21:27:21.0951 0x1a90 AFD - ok 21:27:21.0968 0x1a90 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:27:21.0969 0x1a90 agp440 - ok 21:27:21.0976 0x1a90 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:27:21.0978 0x1a90 ALG - ok 21:27:21.0981 0x1a90 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:27:21.0982 0x1a90 aliide - ok 21:27:21.0985 0x1a90 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 
21:27:21.0986 0x1a90 amdide - ok 21:27:21.0993 0x1a90 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:27:21.0994 0x1a90 AmdK8 - ok 21:27:21.0999 0x1a90 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:27:22.0000 0x1a90 AmdPPM - ok 21:27:22.0005 0x1a90 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:27:22.0007 0x1a90 amdsata - ok 21:27:22.0019 0x1a90 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:27:22.0022 0x1a90 amdsbs - ok 21:27:22.0025 0x1a90 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:27:22.0027 0x1a90 amdxata - ok 21:27:22.0132 0x1a90 [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 21:27:22.0155 0x1a90 AntiVirMailService - ok 21:27:22.0247 0x1a90 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 21:27:22.0261 0x1a90 AntiVirSchedulerService - ok 21:27:22.0314 0x1a90 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 21:27:22.0333 0x1a90 AntiVirService - ok 21:27:22.0385 0x1a90 [ D84E576299C73B0B1DC477D2B99958C4, D6703C2B63B9FA87C2DA009CC7B6DF76C3603C6A9874B152D685A1B92EE2DF28 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 21:27:22.0405 0x1a90 
AntiVirWebService - ok 21:27:22.0438 0x1a90 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 21:27:22.0439 0x1a90 AppID - ok 21:27:22.0448 0x1a90 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:27:22.0449 0x1a90 AppIDSvc - ok 21:27:22.0471 0x1a90 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 21:27:22.0473 0x1a90 Appinfo - ok 21:27:22.0502 0x1a90 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 21:27:22.0506 0x1a90 AppMgmt - ok 21:27:22.0511 0x1a90 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 21:27:22.0513 0x1a90 arc - ok 21:27:22.0518 0x1a90 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:27:22.0520 0x1a90 arcsas - ok 21:27:22.0584 0x1a90 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:27:22.0587 0x1a90 aspnet_state - ok 21:27:22.0594 0x1a90 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:27:22.0595 0x1a90 AsyncMac - ok 21:27:22.0602 0x1a90 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:27:22.0604 0x1a90 atapi - ok 21:27:22.0667 0x1a90 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] 
AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:27:22.0680 0x1a90 AudioEndpointBuilder - ok 21:27:22.0698 0x1a90 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:27:22.0710 0x1a90 AudioSrv - ok 21:27:22.0738 0x1a90 [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:27:22.0741 0x1a90 avgntflt - ok 21:27:22.0771 0x1a90 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:27:22.0774 0x1a90 avipbb - ok 21:27:22.0858 0x1a90 [ 6C4B9A2FF6924405E9ABFB558049D4DD, 9AB314B9ECF41832589726556A93CEAAE2AE774B1738A46A027E833B73A72118 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 21:27:22.0871 0x1a90 Avira.ServiceHost - ok 21:27:22.0872 0x1a90 Object required for P2P: [ 6C4B9A2FF6924405E9ABFB558049D4DD ] Avira.ServiceHost 21:27:25.0312 0x1a90 Object send P2P result: true 21:27:25.0379 0x1a90 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:27:25.0381 0x1a90 avkmgr - ok 21:27:25.0418 0x1a90 [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 21:27:25.0422 0x1a90 avnetflt - ok 21:27:25.0452 0x1a90 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:27:25.0456 0x1a90 AxInstSV - ok 21:27:25.0483 0x1a90 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:27:25.0493 0x1a90 b06bdrv - ok 21:27:25.0502 0x1a90 [ B5ACE6968304A3900EEB1EBFD9622DF2, 
1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:27:25.0508 0x1a90 b57nd60a - ok 21:27:25.0570 0x1a90 [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe 21:27:25.0573 0x1a90 BBSvc - ok 21:27:25.0617 0x1a90 [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe 21:27:25.0621 0x1a90 BBUpdate - ok 21:27:25.0646 0x1a90 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:27:25.0649 0x1a90 BDESVC - ok 21:27:25.0652 0x1a90 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:27:25.0654 0x1a90 Beep - ok 21:27:25.0675 0x1a90 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:27:25.0689 0x1a90 BFE - ok 21:27:25.0731 0x1a90 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 21:27:25.0749 0x1a90 BITS - ok 21:27:25.0755 0x1a90 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:27:25.0756 0x1a90 blbdrive - ok 21:27:25.0825 0x1a90 [ E7429ECD0C47CC065EEACF7E9D0E6341, 10D8231E14C908A0949108EB5F84E17BA10ABFC370D0C5F65945B23879AB12BF ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 21:27:25.0844 0x1a90 Bluetooth Device Monitor - ok 21:27:25.0895 0x1a90 [ 0F432B34D80351EFC5E35F14D9798CFD, 591D913E069C1C69212A7742D7182E24E669FE7B50680D8D337F32CF9F72B163 ] Bluetooth Media Service C:\Program Files 
5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:27:31.0934 0x1a90 NetMsmqActivator - ok 21:27:31.0940 0x1a90 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:27:31.0943 0x1a90 NetPipeActivator - ok 21:27:31.0964 0x1a90 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:27:31.0973 0x1a90 netprofm - ok 21:27:31.0979 0x1a90 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:27:31.0981 0x1a90 NetTcpActivator - ok 21:27:31.0987 0x1a90 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:27:31.0990 0x1a90 NetTcpPortSharing - ok 21:27:32.0094 0x1a90 [ C873B801A7D628474313B2887D051607, 894877BAB599F52FB606B240D53FEB84CC4A6BAD8A45CB1983231CD2AE0C7A79 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw02.sys 21:27:32.0188 0x1a90 NETwNs64 - ok 21:27:32.0200 0x1a90 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:27:32.0201 0x1a90 nfrd960 - ok 21:27:32.0225 0x1a90 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 21:27:32.0232 0x1a90 NlaSvc - ok 21:27:32.0236 0x1a90 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:27:32.0237 0x1a90 Npfs - ok 21:27:32.0245 0x1a90 [ 
D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 21:27:32.0247 0x1a90 nsi - ok 21:27:32.0251 0x1a90 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:27:32.0251 0x1a90 nsiproxy - ok 21:27:32.0299 0x1a90 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:27:32.0342 0x1a90 Ntfs - ok 21:27:32.0347 0x1a90 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 21:27:32.0348 0x1a90 Null - ok 21:27:32.0354 0x1a90 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:27:32.0358 0x1a90 nvraid - ok 21:27:32.0364 0x1a90 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:27:32.0368 0x1a90 nvstor - ok 21:27:32.0373 0x1a90 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:27:32.0376 0x1a90 nv_agp - ok 21:27:32.0382 0x1a90 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:27:32.0385 0x1a90 ohci1394 - ok 21:27:32.0441 0x1a90 [ 1B9E7338761DAE4839ED87D7A248F817, 03AF40570DD8F8326EAF2A18227280DF0CEFFF1E12966E2829839C4B1E7F700E ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:27:32.0446 0x1a90 ose - ok 21:27:32.0636 0x1a90 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft 
Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:27:32.0721 0x1a90 osppsvc - ok 21:27:32.0756 0x1a90 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:27:32.0762 0x1a90 p2pimsvc - ok 21:27:32.0782 0x1a90 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 21:27:32.0790 0x1a90 p2psvc - ok 21:27:32.0795 0x1a90 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 21:27:32.0797 0x1a90 Parport - ok 21:27:32.0801 0x1a90 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:27:32.0803 0x1a90 partmgr - ok 21:27:32.0835 0x1a90 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:27:32.0839 0x1a90 PcaSvc - ok 21:27:32.0845 0x1a90 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 21:27:32.0850 0x1a90 pci - ok 21:27:32.0853 0x1a90 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 21:27:32.0854 0x1a90 pciide - ok 21:27:32.0871 0x1a90 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:27:32.0876 0x1a90 pcmcia - ok 21:27:32.0880 0x1a90 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 21:27:32.0882 0x1a90 pcw - ok 21:27:32.0907 0x1a90 [ ED6E75158D28D33A2E2A020AC5B2B59D, 
0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:27:32.0923 0x1a90 PEAUTH - ok 21:27:32.0983 0x1a90 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:27:33.0007 0x1a90 PeerDistSvc - ok 21:27:33.0052 0x1a90 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:27:33.0055 0x1a90 PerfHost - ok 21:27:33.0107 0x1a90 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 21:27:33.0143 0x1a90 pla - ok 21:27:33.0176 0x1a90 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:27:33.0183 0x1a90 PlugPlay - ok 21:27:33.0194 0x1a90 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:27:33.0196 0x1a90 PNRPAutoReg - ok 21:27:33.0205 0x1a90 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:27:33.0212 0x1a90 PNRPsvc - ok 21:27:33.0279 0x1a90 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:27:33.0294 0x1a90 PolicyAgent - ok 21:27:33.0315 0x1a90 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll 21:27:33.0320 0x1a90 Power - ok 21:27:33.0393 0x1a90 [ 552F3539C70D010F97001E9B7228210B, 9CB45B7D67E0B99C78D0091173C983AB272FA8A18E1CB5AC3B1519B37964A11E ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 21:27:33.0422 0x1a90 Power Manager DBC Service 
- ok 21:27:33.0466 0x1a90 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:27:33.0472 0x1a90 PptpMiniport - ok 21:27:33.0485 0x1a90 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 21:27:33.0489 0x1a90 Processor - ok 21:27:33.0517 0x1a90 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 21:27:33.0523 0x1a90 ProfSvc - ok 21:27:33.0540 0x1a90 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:27:33.0542 0x1a90 ProtectedStorage - ok 21:27:33.0555 0x1a90 [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 21:27:33.0557 0x1a90 psadd - ok 21:27:33.0567 0x1a90 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:27:33.0571 0x1a90 Psched - ok 21:27:33.0626 0x1a90 [ FB3D6070413925193EA32D1652B921F0, 5D0EEDC966BD5A042A761411E69B376BC16339032BCC460CD4F2965DF05C1033 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE 21:27:33.0671 0x1a90 PwmEWSvc - ok 21:27:33.0718 0x1a90 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:27:33.0761 0x1a90 ql2300 - ok 21:27:33.0767 0x1a90 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:27:33.0771 0x1a90 ql40xx - ok 21:27:33.0786 0x1a90 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] 
QWAVE C:\Windows\system32\qwave.dll 21:27:33.0794 0x1a90 QWAVE - ok 21:27:33.0799 0x1a90 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:27:33.0801 0x1a90 QWAVEdrv - ok 21:27:33.0804 0x1a90 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:27:33.0805 0x1a90 RasAcd - ok 21:27:33.0831 0x1a90 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:27:33.0833 0x1a90 RasAgileVpn - ok 21:27:33.0847 0x1a90 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:27:33.0851 0x1a90 RasAuto - ok 21:27:33.0856 0x1a90 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:27:33.0859 0x1a90 Rasl2tp - ok 21:27:33.0880 0x1a90 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:27:33.0888 0x1a90 RasMan - ok 21:27:33.0893 0x1a90 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:27:33.0895 0x1a90 RasPppoe - ok 21:27:33.0900 0x1a90 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:27:33.0902 0x1a90 RasSstp - ok 21:27:33.0912 0x1a90 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:27:33.0919 0x1a90 rdbss - ok 21:27:33.0922 0x1a90 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 
1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:27:33.0923 0x1a90 rdpbus - ok 21:27:33.0926 0x1a90 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:27:33.0928 0x1a90 RDPCDD - ok 21:27:33.0954 0x1a90 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:27:33.0959 0x1a90 RDPDR - ok 21:27:33.0961 0x1a90 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:27:33.0962 0x1a90 RDPENCDD - ok 21:27:33.0974 0x1a90 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:27:33.0975 0x1a90 RDPREFMP - ok 21:27:34.0000 0x1a90 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:27:34.0005 0x1a90 RDPWD - ok 21:27:34.0013 0x1a90 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:27:34.0018 0x1a90 rdyboost - ok 21:27:34.0067 0x1a90 [ BC49E8BDBC6C1B161FDDB350CE423366, D98C7948EE36808164766DD9934C204599275BE9FCD83515F9C0153202D38C34 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:27:34.0075 0x1a90 RegSrvc - ok 21:27:34.0093 0x1a90 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:27:34.0097 0x1a90 RemoteAccess - ok 21:27:34.0117 0x1a90 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:27:34.0124 
0x1a90 RemoteRegistry - ok 21:27:34.0161 0x1a90 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:27:34.0168 0x1a90 RFCOMM - ok 21:27:34.0177 0x1a90 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:27:34.0181 0x1a90 RpcEptMapper - ok 21:27:34.0190 0x1a90 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:27:34.0192 0x1a90 RpcLocator - ok 21:27:34.0212 0x1a90 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 21:27:34.0221 0x1a90 RpcSs - ok 21:27:34.0229 0x1a90 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:27:34.0231 0x1a90 rspndr - ok 21:27:34.0267 0x1a90 [ 1BE36AB59242A109697870F16A8E0EF8, CAC949D97EEFA0CE5E89084D0950B6E331145870355367803530D0DED4962F2E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:27:34.0285 0x1a90 RTL8167 - ok 21:27:34.0307 0x1a90 [ 61EF084BB097FFAB50D05EE5115F7F98, 334E691C45A473977301DB8E8D03747388D2A2D940D3BC15493476404D801645 ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys 21:27:34.0316 0x1a90 RTSPER - ok 21:27:34.0334 0x1a90 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:27:34.0335 0x1a90 s3cap - ok 21:27:34.0340 0x1a90 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 21:27:34.0342 0x1a90 SamSs - ok 21:27:34.0345 0x1a90 SAService - ok 21:27:34.0356 0x1a90 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 
] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:27:34.0358 0x1a90 sbp2port - ok 21:27:34.0376 0x1a90 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:27:34.0381 0x1a90 SCardSvr - ok 21:27:34.0384 0x1a90 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:27:34.0386 0x1a90 scfilter - ok 21:27:34.0459 0x1a90 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 21:27:34.0480 0x1a90 Schedule - ok 21:27:34.0501 0x1a90 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:27:34.0503 0x1a90 SCPolicySvc - ok 21:27:34.0519 0x1a90 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:27:34.0524 0x1a90 SDRSVC - ok 21:27:34.0529 0x1a90 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:27:34.0530 0x1a90 secdrv - ok 21:27:34.0540 0x1a90 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 21:27:34.0542 0x1a90 seclogon - ok 21:27:34.0553 0x1a90 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 21:27:34.0555 0x1a90 SENS - ok 21:27:34.0559 0x1a90 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:27:34.0561 0x1a90 SensrSvc - ok 21:27:34.0564 0x1a90 [ CB624C0035412AF0DEBEC78C41F5CA1B, 
A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 21:27:34.0565 0x1a90 Serenum - ok 21:27:34.0571 0x1a90 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 21:27:34.0573 0x1a90 Serial - ok 21:27:34.0577 0x1a90 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:27:34.0578 0x1a90 sermouse - ok 21:27:34.0596 0x1a90 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:27:34.0599 0x1a90 SessionEnv - ok 21:27:34.0603 0x1a90 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:27:34.0604 0x1a90 sffdisk - ok 21:27:34.0609 0x1a90 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:27:34.0609 0x1a90 sffp_mmc - ok 21:27:34.0612 0x1a90 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:27:34.0614 0x1a90 sffp_sd - ok 21:27:34.0617 0x1a90 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:27:34.0619 0x1a90 sfloppy - ok 21:27:34.0648 0x1a90 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:27:34.0657 0x1a90 SharedAccess - ok 21:27:34.0676 0x1a90 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:27:34.0683 0x1a90 
ShellHWDetection - ok 21:27:34.0702 0x1a90 [ 07514491857759A5D02A741C9DB6ECA2, D3EB21D90DB68F8BE695961BFA1256E4FA1274D59B3AA465A5485215ABBAA8C5 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys 21:27:34.0706 0x1a90 Shockprf - ok 21:27:34.0711 0x1a90 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:27:34.0712 0x1a90 SiSRaid2 - ok 21:27:34.0729 0x1a90 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:27:34.0732 0x1a90 SiSRaid4 - ok 21:27:34.0736 0x1a90 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:27:34.0739 0x1a90 Smb - ok 21:27:34.0761 0x1a90 [ 7C5B431BB6CD52C46295D9752C1C5A45, CBC2A342F019359629B7141ADD1A5AE3E97785D39ADD398EC60F897FABDD5554 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 21:27:34.0763 0x1a90 SmbDrvI - ok 21:27:34.0780 0x1a90 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:27:34.0783 0x1a90 SNMPTRAP - ok 21:27:34.0841 0x1a90 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe 21:27:34.0850 0x1a90 Sony PC Companion - ok 21:27:34.0859 0x1a90 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:27:34.0861 0x1a90 spldr - ok 21:27:34.0893 0x1a90 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:27:34.0909 0x1a90 Spooler - ok 21:27:35.0017 0x1a90 [ E17E0188BB90FAE42D83E98707EFA59C, 
FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:27:35.0101 0x1a90 sppsvc - ok 21:27:35.0110 0x1a90 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:27:35.0113 0x1a90 sppuinotify - ok 21:27:35.0136 0x1a90 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:27:35.0146 0x1a90 srv - ok 21:27:35.0158 0x1a90 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:27:35.0167 0x1a90 srv2 - ok 21:27:35.0174 0x1a90 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:27:35.0178 0x1a90 srvnet - ok 21:27:35.0197 0x1a90 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:27:35.0202 0x1a90 SSDPSRV - ok 21:27:35.0208 0x1a90 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:27:35.0212 0x1a90 SstpSvc - ok 21:27:35.0216 0x1a90 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:27:35.0217 0x1a90 stexstor - ok 21:27:35.0244 0x1a90 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 21:27:35.0246 0x1a90 StillCam - ok 21:27:35.0275 0x1a90 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:27:35.0288 0x1a90 stisvc - ok 21:27:35.0300 0x1a90 [ 
7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:27:35.0303 0x1a90 storflt - ok 21:27:35.0328 0x1a90 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 21:27:35.0330 0x1a90 StorSvc - ok 21:27:35.0344 0x1a90 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:27:35.0346 0x1a90 storvsc - ok 21:27:35.0435 0x1a90 [ 4219A2A1C9049CC35ADC65C1E2AC8842, 7B52107880251C7BA75E5A083A80B25FDC6C6AB34ACE7CDDAA990A04D76FB98E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe 21:27:35.0437 0x1a90 SUService - ok 21:27:35.0443 0x1a90 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:27:35.0444 0x1a90 swenum - ok 21:27:35.0485 0x1a90 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:27:35.0501 0x1a90 swprv - ok 21:27:35.0526 0x1a90 [ 16021E640CFA11BFA5F4D789322CFC39, E7249AFD865607502A36A6EC931AA9D04185A255B568F9401D45608305DFBF83 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 21:27:35.0538 0x1a90 SynTP - ok 21:27:35.0596 0x1a90 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 21:27:35.0626 0x1a90 SysMain - ok 21:27:35.0658 0x1a90 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:27:35.0662 0x1a90 TabletInputService - ok 21:27:35.0674 0x1a90 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 
|
29.11.2015, 21:52 | #6 |
| Windows7: Trojan, registry infected, HKU, HKCU log file, TDSS, part 3 Code:
21:27:40.0394 0x1a90 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
21:27:40.0394 0x1a90 Win FW state via NFP2: enabled ( trusted )
21:27:53.0857 0x1a90 ============================================================
21:27:53.0857 0x1a90 Scan finished
21:27:53.0857 0x1a90 ============================================================
21:27:53.0857 0x0ddc Detected object count: 0
21:27:53.0857 0x0ddc Actual detected object count: 0
21:29:56.0590 0x17a0 ============================================================
21:29:56.0590 0x17a0 Scan started
21:29:56.0590 0x17a0 Mode: Manual; SigCheck; TDLFS;
21:29:56.0590 0x17a0 ============================================================
21:29:56.0590 0x17a0 KSN ping started
21:30:11.0250 0x17a0 KSN ping finished: true
BTHPORT - ok 21:30:17.0457 0x17a0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 21:30:17.0488 0x17a0 bthserv - ok 21:30:17.0504 0x17a0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:30:17.0519 0x17a0 BTHUSB - ok 21:30:17.0535 0x17a0 [ 5B8D71504FA8BFA308F6E1169B89D322, 1DC0CF47C5F655EA0F0992020C17A86D05637F55ACBB17380283EBB883A4D14D ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 21:30:17.0550 0x17a0 btmaux - ok 21:30:17.0582 0x17a0 [ D66F3A4F11E42142722DCF9DC5A451D6, 6576421E24ABB4F0A7B5EFB5CF6F9C6F510AFDD0087415D57A5ABBB0866B3E39 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 21:30:17.0628 0x17a0 btmhsf - ok 21:30:17.0628 0x17a0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:30:17.0660 0x17a0 cdfs - ok 21:30:17.0660 0x17a0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:30:17.0675 0x17a0 cdrom - ok 21:30:17.0691 0x17a0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 21:30:17.0722 0x17a0 CertPropSvc - ok 21:30:17.0722 0x17a0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 21:30:17.0738 0x17a0 circlass - ok 21:30:17.0769 0x17a0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 21:30:17.0784 0x17a0 CLFS - ok 21:30:18.0018 0x17a0 [ 2CE5D5AEE7EC90FE0CF8A8FBBB1B1A6C, E93E8362FB1D173D8F15C753190CF41474C183A667AF90378389563A70D93864 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft 
Shared\ClickToRun\OfficeClickToRun.exe 21:30:18.0081 0x17a0 ClickToRunSvc - ok 21:30:18.0143 0x17a0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:30:18.0159 0x17a0 clr_optimization_v2.0.50727_32 - ok 21:30:18.0190 0x17a0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:30:18.0206 0x17a0 clr_optimization_v2.0.50727_64 - ok 21:30:18.0252 0x17a0 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:30:18.0284 0x17a0 clr_optimization_v4.0.30319_32 - ok 21:30:18.0299 0x17a0 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:30:18.0330 0x17a0 clr_optimization_v4.0.30319_64 - ok 21:30:18.0330 0x17a0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:30:18.0346 0x17a0 CmBatt - ok 21:30:18.0346 0x17a0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:30:18.0362 0x17a0 cmdide - ok 21:30:18.0377 0x17a0 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 21:30:18.0408 0x17a0 CNG - ok 21:30:18.0455 0x17a0 [ CE6D6C023F23F968ABF03892972A9DCF, EBF415F15A30ED76C1D416D3D7E2D0558273DF08A134BFEF108BBE2410803ECC ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 21:30:18.0502 0x17a0 CnxtHdAudService - ok 
21:30:18.0502 0x17a0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:30:18.0518 0x17a0 Compbatt - ok 21:30:18.0533 0x17a0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:30:18.0533 0x17a0 CompositeBus - ok 21:30:18.0549 0x17a0 COMSysApp - ok 21:30:18.0596 0x17a0 [ 76FE8C1490B70250921EC88D833742D0, 19625C894E457300641456F5BE0AEB8A7AE96661B5DE49EE772E2621FAAB92AA ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 21:30:18.0611 0x17a0 cphs - ok 21:30:18.0611 0x17a0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:30:18.0627 0x17a0 crcdisk - ok 21:30:18.0642 0x17a0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:30:18.0658 0x17a0 CryptSvc - ok 21:30:18.0689 0x17a0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 21:30:18.0720 0x17a0 CSC - ok 21:30:18.0736 0x17a0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 21:30:18.0752 0x17a0 CscService - ok 21:30:18.0783 0x17a0 [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe 21:30:18.0798 0x17a0 CxAudMsg - ok 21:30:18.0830 0x17a0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:30:18.0861 0x17a0 DcomLaunch - ok 21:30:19.0001 0x17a0 [ CC8B5C964B777F4EC3E89F13B4B5FF0F, 75E161265CCFFCB61FCE855C9790E2E06531E6B1C3DCCB1E3018466D03AD3919 ] 
DCService.exe C:\ProgramData\DatacardService\DCService.exe 21:30:19.0017 0x17a0 DCService.exe - detected UnsignedFile.Multi.Generic ( 1 ) 21:30:19.0017 0x17a0 Detect skipped due to KSN trusted 21:30:19.0017 0x17a0 DCService.exe - ok 21:30:19.0048 0x17a0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 21:30:19.0095 0x17a0 defragsvc - ok 21:30:19.0095 0x17a0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:30:19.0126 0x17a0 DfsC - ok 21:30:19.0142 0x17a0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:30:19.0173 0x17a0 Dhcp - ok 21:30:19.0173 0x17a0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 21:30:19.0204 0x17a0 discache - ok 21:30:19.0204 0x17a0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 21:30:19.0220 0x17a0 Disk - ok 21:30:19.0516 0x17a0 [ 260169AFE0247D3817DDD7EC6C6AD0BC, 2C0FB869A23AC18B7874899C5599691464C158E1881AD5EEEE95D6D0B182C9CF ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe 21:30:19.0734 0x17a0 DisplayLinkService - ok 21:30:19.0812 0x17a0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:30:19.0844 0x17a0 dmvsc - ok 21:30:19.0859 0x17a0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:30:19.0875 0x17a0 Dnscache - ok 21:30:19.0875 0x17a0 [ B1FB3DDCA0FDF408750D5843591AFBC6, 
AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 21:30:19.0906 0x17a0 dot3svc - ok 21:30:19.0922 0x17a0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 21:30:19.0953 0x17a0 DPS - ok 21:30:19.0953 0x17a0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:30:19.0968 0x17a0 drmkaud - ok 21:30:20.0015 0x17a0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:30:20.0031 0x17a0 DXGKrnl - ok 21:30:20.0046 0x17a0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 21:30:20.0078 0x17a0 EapHost - ok 21:30:20.0187 0x17a0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:30:20.0265 0x17a0 ebdrv - ok 21:30:20.0280 0x17a0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 21:30:20.0296 0x17a0 EFS - ok 21:30:20.0358 0x17a0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:30:20.0374 0x17a0 ehRecvr - ok 21:30:20.0374 0x17a0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 21:30:20.0390 0x17a0 ehSched - ok 21:30:20.0421 0x17a0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:30:20.0436 0x17a0 elxstor - ok 21:30:20.0436 0x17a0 [ 34A3C54752046E79A126E15C51DB409B, 
7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:30:20.0452 0x17a0 ErrDev - ok 21:30:20.0468 0x17a0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 21:30:20.0499 0x17a0 EventSystem - ok 21:30:20.0608 0x17a0 [ 7876CB89775B67347797E04775B2FAF9, F62D2778F7399B04E3A0DDE2E87428AB92D9FA63FBDF943709BC38A94F0015E6 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:30:20.0639 0x17a0 EvtEng - ok 21:30:20.0670 0x17a0 [ 23B79B19F49A037EBA4A9A3BB03ED91D, 2E0918B20188CBFAC0E64A5B36739DF4638A343553908888DFDD708743370F3F ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys 21:30:20.0702 0x17a0 ewusbnet - ok 21:30:20.0717 0x17a0 [ E2CBB821C7CAE0EF8B56DE28ED85C740, 4AB358FEBC7B57774B2DD54705FAD3F5E0308F1E1FECBED73231DCEF11CF7D3B ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys 21:30:20.0733 0x17a0 ew_hwusbdev - ok 21:30:20.0748 0x17a0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 21:30:20.0780 0x17a0 exfat - ok 21:30:20.0795 0x17a0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:30:20.0826 0x17a0 fastfat - ok 21:30:20.0858 0x17a0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 21:30:20.0889 0x17a0 Fax - ok 21:30:20.0889 0x17a0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 21:30:20.0904 0x17a0 fdc - ok 21:30:20.0920 0x17a0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 21:30:20.0951 0x17a0 fdPHost - ok 21:30:20.0951 0x17a0 [ 
802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 21:30:20.0982 0x17a0 FDResPub - ok 21:30:20.0982 0x17a0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:30:20.0998 0x17a0 FileInfo - ok 21:30:20.0998 0x17a0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:30:21.0029 0x17a0 Filetrace - ok 21:30:21.0029 0x17a0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:30:21.0045 0x17a0 flpydisk - ok 21:30:21.0045 0x17a0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:30:21.0060 0x17a0 FltMgr - ok 21:30:21.0138 0x17a0 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 21:30:21.0170 0x17a0 FontCache - ok 21:30:21.0201 0x17a0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:30:21.0201 0x17a0 FontCache3.0.0.0 - ok 21:30:21.0216 0x17a0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:30:21.0216 0x17a0 FsDepends - ok 21:30:21.0216 0x17a0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:30:21.0232 0x17a0 Fs_Rec - ok 21:30:21.0248 0x17a0 [ 8F6322049018354F45F05A2FD2D4E5E0, 
73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:30:21.0248 0x17a0 fvevol - ok 21:30:21.0263 0x17a0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:30:21.0263 0x17a0 gagp30kx - ok 21:30:21.0294 0x17a0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 21:30:21.0341 0x17a0 gpsvc - ok 21:30:21.0357 0x17a0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:30:21.0357 0x17a0 hcw85cir - ok 21:30:21.0372 0x17a0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:30:21.0388 0x17a0 HdAudAddService - ok 21:30:21.0419 0x17a0 [ 12DED0995AE2BA68EBBE70E14A76EE02, 54A658F4E8D6D98594BE43289083AD4267EB6B3F99D789A75719DBCA5188E87F ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:30:21.0435 0x17a0 HDAudBus - ok 21:30:21.0435 0x17a0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:30:21.0450 0x17a0 HidBatt - ok 21:30:21.0450 0x17a0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:30:21.0466 0x17a0 HidBth - ok 21:30:21.0482 0x17a0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:30:21.0482 0x17a0 HidIr - ok 21:30:21.0497 0x17a0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 21:30:21.0528 0x17a0 hidserv - ok 
21:30:21.0544 0x17a0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:30:21.0560 0x17a0 HidUsb - ok 21:30:21.0560 0x17a0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:30:21.0591 0x17a0 hkmsvc - ok 21:30:21.0606 0x17a0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:30:21.0622 0x17a0 HomeGroupListener - ok 21:30:21.0653 0x17a0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:30:21.0669 0x17a0 HomeGroupProvider - ok 21:30:21.0669 0x17a0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:30:21.0684 0x17a0 HpSAMD - ok 21:30:21.0716 0x17a0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:30:21.0747 0x17a0 HTTP - ok 21:30:21.0762 0x17a0 [ 08B1A06A55F068A17A51BA26618CF50F, 8ADFC9D3003208A9B3BE12DCD1418A13C4D19E13E00EFEE556EF87B70F49B2E6 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys 21:30:21.0778 0x17a0 huawei_enumerator - ok 21:30:21.0809 0x17a0 [ 6E5CD3984742A922D0C183C7E82C3C94, EE350C8736F0AC6751E18694E1F1142477112C8C2D83347C1EE9483BEC0DA117 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 21:30:21.0825 0x17a0 hwdatacard - ok 21:30:21.0825 0x17a0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:30:21.0840 0x17a0 hwpolicy - ok 21:30:21.0840 0x17a0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 
65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:30:21.0856 0x17a0 i8042prt - ok 21:30:21.0903 0x17a0 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 21:30:21.0918 0x17a0 iaStorA - ok 21:30:21.0934 0x17a0 [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 21:30:21.0950 0x17a0 iaStorF - ok 21:30:21.0965 0x17a0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:30:21.0981 0x17a0 iaStorV - ok 21:30:21.0996 0x17a0 [ B005844661028E11480D724A709CC298, DC738AA0246581814915160BA824C2DB9009E6CFCCDB6A268F08C8D13F52BEB0 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 21:30:21.0996 0x17a0 IBMPMDRV - ok 21:30:22.0012 0x17a0 [ ED802CE6B36E280401197F593634C1DD, 620F2D5F40B8E61DE606FC1B1B1DCDD12BE7431E065F9CB776FDCFF915B1D243 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 21:30:22.0028 0x17a0 IBMPMSVC - ok 21:30:22.0043 0x17a0 [ 617EEDD27FB557C9D95D68096564C930, 59AA6F9884C9B504D5B524B6EFF8148669251085FAF12AE3634F0C753850CDC3 ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys 21:30:22.0059 0x17a0 ibtusb - ok 21:30:22.0106 0x17a0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:30:22.0137 0x17a0 idsvc - ok 21:30:22.0137 0x17a0 IEEtwCollectorService - ok 21:30:22.0324 0x17a0 [ AEF200DC087141A5F66A6B006D2F0FD4, A38A0684637D9FE58271D91B93184A72414948E35145D19246BF6FBC60E28B3C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:30:22.0433 0x17a0 igfx - ok 21:30:22.0449 0x17a0 [ 5C18831C61933628F5BB0EA2675B9D21, 
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:30:22.0464 0x17a0 iirsp - ok 21:30:22.0496 0x17a0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:30:22.0527 0x17a0 IKEEXT - ok 21:30:22.0542 0x17a0 [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 21:30:22.0558 0x17a0 intaud_WaveExtensible - ok 21:30:22.0589 0x17a0 [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:30:22.0605 0x17a0 IntcDAud - ok 21:30:22.0667 0x17a0 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 21:30:22.0683 0x17a0 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 21:30:22.0683 0x17a0 Detect skipped due to KSN trusted 21:30:22.0683 0x17a0 Intel(R) Capability Licensing Service Interface - ok 21:30:22.0698 0x17a0 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 21:30:22.0730 0x17a0 Intel(R) Capability Licensing Service TCP IP Interface - ok 21:30:22.0730 0x17a0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:30:22.0745 0x17a0 intelide - ok 21:30:22.0745 0x17a0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:30:22.0761 0x17a0 intelppm - ok 21:30:22.0776 
0x17a0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:30:22.0808 0x17a0 IPBusEnum - ok 21:30:22.0823 0x17a0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:30:22.0839 0x17a0 IpFilterDriver - ok 21:30:22.0870 0x17a0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:30:22.0886 0x17a0 iphlpsvc - ok 21:30:22.0901 0x17a0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:30:22.0901 0x17a0 IPMIDRV - ok 21:30:22.0917 0x17a0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:30:22.0948 0x17a0 IPNAT - ok 21:30:22.0948 0x17a0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:30:22.0964 0x17a0 IRENUM - ok 21:30:22.0964 0x17a0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:30:22.0964 0x17a0 isapnp - ok 21:30:22.0995 0x17a0 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:30:23.0010 0x17a0 iScsiPrt - ok 21:30:23.0026 0x17a0 [ 72B203A1F805C07E920E537414A0EA5F, 7EFB2A397034FF3D451D1763865E8AA330D8D4656E7C6F8CDA6489868023C36E ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 21:30:23.0042 0x17a0 iusb3hcs - ok 21:30:23.0057 0x17a0 [ 474BFFCF3214208C5FD440217D34FE6E, 181E4A091B24E8FBB9C1072E1FD2BABB1B0AD68D1112563A70A791FA3546D4CE ] iusb3hub 
C:\Windows\system32\DRIVERS\iusb3hub.sys 21:30:23.0073 0x17a0 iusb3hub - ok 21:30:23.0120 0x17a0 [ 842A11F2020CD94A0120E61F902E3664, 464EDED37258A22AC38C007524E34ED1A795E5607FF8BD322455A8F76CB4BDCE ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 21:30:23.0135 0x17a0 iusb3xhc - ok 21:30:23.0151 0x17a0 [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 21:30:23.0166 0x17a0 iwdbus - ok 21:30:23.0229 0x17a0 [ 9BFDEFD51800A2D47D43919653F4BEF4, C7221D9F82F7F04343EDA6FE41A4EC4C97F6DC4170780AA3983C8735369A5026 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 21:30:23.0244 0x17a0 jhi_service - ok 21:30:23.0260 0x17a0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:30:23.0276 0x17a0 kbdclass - ok 21:30:23.0276 0x17a0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:30:23.0291 0x17a0 kbdhid - ok 21:30:23.0291 0x17a0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 21:30:23.0307 0x17a0 KeyIso - ok 21:30:23.0338 0x17a0 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:30:23.0338 0x17a0 KSecDD - ok 21:30:23.0354 0x17a0 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:30:23.0369 0x17a0 KSecPkg - ok 21:30:23.0369 0x17a0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:30:23.0400 0x17a0 ksthunk - ok 21:30:23.0432 0x17a0 [ 
29.11.2015, 21:52 | #7 | |
/// TB-Ausbilder | Windows7: Trojan, registry infected, HKU, HKCU Hi, the IP 150.206.1.3 in the Internet settings points to New Zealand, is that OK? Quote:
If so, please explain it to me briefly. |
29.11.2015, 21:52 | #8 |
| Windows7: Trojan, registry infected, HKU, HKCU TDSS logfile, part 4 and final part. Code:
21:30:38.0127 0x17a0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
21:30:38.0127 0x17a0 Win FW state via NFP2: enabled ( trusted )
21:30:40.0545 0x17a0 ============================================================
21:30:40.0545 0x17a0 Scan finished
21:30:40.0545 0x17a0 ============================================================
21:30:40.0560 0x0a40 Detected object count: 0
21:30:40.0560 0x0a40 Actual detected object count: 0 |
29.11.2015, 21:55 | #9 |
/// TB-Ausbilder | Windows7: Trojan, registry infected, HKU, HKCU |
29.11.2015, 22:00 | #10 |
| Windows7: Trojan, registry infected, HKU, HKCU I installed the first three files today and used them to share the screenshot over the internet. Code:
2015-11-25 21:59 - 2015-11-25 21:59 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\pendulum-28
2015-11-25 21:57 - 2015-11-25 21:57 - 00000000 ____D C:\ProgramData\molecule-26
2015-11-25 21:54 - 2015-11-28 21:07 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\doublers-6
2015-11-25 21:52 - 2015-11-25 23:02 - 00000000 ____D C:\ProgramData\powercap-44
2015-11-18 19:00 - 2015-11-18 21:40 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\glonass-89
I was not aware of the internet setting pointing to New Zealand.
Best regards,
Marie |
29.11.2015, 22:06 | #11 |
/// TB-Ausbilder | Windows7: Trojan, registry infected, HKU, HKCU Servus, let's start like this:
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
start
CloseProcesses:
Tcpip\..\Interfaces\{FC018661-EF6C-4533-B835-3D2AC0E19221}: [DhcpNameServer] 150.206.1.3
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Please close your security software to avoid possible conflicts.
Step 3
Are there currently still any problems or detections? If so, which ones? Please post with your next reply
|
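The fixlist in the post above removes a DHCP-assigned DNS server from one interface key under `Tcpip\Parameters\Interfaces`. As an added example (not part of the thread and not FRST's own code), this Python script reads every `NameServer`/`DhcpNameServer` value under that key and flags resolvers that are neither local nor on an allow-list; the allow-list, the second interface GUID and the sample values are constructed for illustration.

```python
import ipaddress
import re
import sys

# Registry location the fixlist entry refers to (relative to HKLM).
TCPIP_INTERFACES = r"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces"
DNS_VALUES = ("NameServer", "DhcpNameServer")


def split_servers(raw):
    """Both values hold one string; entries are separated by spaces or commas."""
    return [s for s in re.split(r"[,\s]+", raw.strip()) if s]


def classify(server, allowed=()):
    """Return 'allowed', 'local', 'review' or 'malformed' for one entry."""
    try:
        ip = ipaddress.ip_address(server)
    except ValueError:
        return "malformed"
    if server in allowed:
        return "allowed"
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "local"          # typically the home router or a local resolver
    return "review"             # public resolver nobody has vouched for


def audit(interfaces, allowed=()):
    """interfaces: {guid: {value_name: raw_string}} -> list of findings."""
    findings = []
    for guid, values in sorted(interfaces.items()):
        for name in DNS_VALUES:
            for server in split_servers(values.get(name, "")):
                verdict = classify(server, allowed)
                if verdict in ("review", "malformed"):
                    findings.append((guid, name, server, verdict))
    return findings


def read_interfaces():
    """Read the live values on Windows (winreg exists only there)."""
    import winreg
    result = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, TCPIP_INTERFACES) as root:
        for i in range(winreg.QueryInfoKey(root)[0]):
            guid = winreg.EnumKey(root, i)
            values = {}
            with winreg.OpenKey(root, guid) as key:
                for name in DNS_VALUES:
                    try:
                        data, _kind = winreg.QueryValueEx(key, name)
                    except FileNotFoundError:
                        continue        # value not set on this interface
                    if isinstance(data, str):
                        values[name] = data
            result[guid] = values
    return result


# Constructed sample: the first entry mirrors the fixlist line in the post,
# the second GUID and its values are made up for the example.
SAMPLE_INTERFACES = {
    "{FC018661-EF6C-4533-B835-3D2AC0E19221}": {"DhcpNameServer": "150.206.1.3"},
    "{00000000-0000-0000-0000-000000000001}": {
        "DhcpNameServer": "192.168.178.1",
        "NameServer": "9.9.9.9,not-an-ip",
    },
}
ALLOWED = {"9.9.9.9"}   # assumption: resolvers the owner configured on purpose

if __name__ == "__main__":
    data = read_interfaces() if sys.platform == "win32" else SAMPLE_INTERFACES
    for guid, name, server, verdict in audit(data, ALLOWED):
        print(f"{verdict:9} {guid} {name} = {server}")
```

A `review` verdict only means the address should be compared with what the router or ISP actually hands out; it is not a detection by itself.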
30.11.2015, 20:47 | #12 |
| Windows7: Trojan, registry infected, HKU, HKCU Thank you! Attached is the log file of the FRST fix. Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von Marie-Luise (2015-11-30 19:38:04) Run:1
Gestartet von C:\Users\Marie-Luise\Desktop
Geladene Profile: Marie-Luise & (Verfügbare Profile: Marie-Luise)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
Tcpip\..\Interfaces\{FC018661-EF6C-4533-B835-3D2AC0E19221}: [DhcpNameServer] 150.206.1.3
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FC018661-EF6C-4533-B835-3D2AC0E19221}\\DhcpNameServer => Wert erfolgreich entfernt
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
EmptyTemp: => 1.5 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 19:40:13 ====
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Professional x64
Ran by Marie-Luise (Administrator) on 30.11.2015 at 20:41:04,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 2

Successfully deleted: C:\Users\Marie-Luise\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\extensions\mailcheck@gmx.net\searchplugins\mailcom-search.xml (File)

Deleted the following from C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\prefs.js
user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.11.2015 at 20:42:10,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
There was no "Scan" button; I clicked "Untersuchen". FRST.txt FRST log file: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015 durchgeführt von Marie-Luise (Administrator) auf MARIE-NOTEBOOK (30-11-2015 20:44:47) Gestartet von C:\Users\Marie-Luise\Desktop Geladene Profile: Marie-Luise (Verfügbare Profile: Marie-Luise) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe () C:\ProgramData\DatacardService\DCService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [900704 2013-03-15] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2013-11-29] (Lenovo.) 
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-16] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Screenleap] => C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe [2856992 2015-11-29] (Screenleap, Inc.) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [jedec-22] => C:\ProgramData\jedec-08\jedec-8.exe [439624 2015-11-30] (Enterprise Fighter) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [Uninstall C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64" HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [isotope-53] => C:\Users\Marie-Luise\AppData\Roaming\isotope-4\isotope-66.exe [619520 2015-11-30] (American Megatrends, Inc) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {8225d693-4841-11e5-9626-f8165465672d} - E:\AutoRun.exe HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {de3f79ed-2748-11e4-b820-806e6f6e6963} - Q:\LenovoQDrive.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\igpxtskmgn.lnk [2014-08-19] ShortcutTarget: igpxtskmgn.lnk -> C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe (Docking Station) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-10-02] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blvds-12.lnk [2015-11-30] ShortcutTarget: blvds-12.lnk -> C:\Users\Marie-Luise\AppData\Roaming\blvds-47\blvds-56.exe (Intel(R) Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2015-11-30] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B3636DED-3BAF-45B6-A1E8-E155B3A14D72}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKU\S-1-5-21-1401465016-1591747146-3379758321-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft 
Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012 FF Homepage: hxxp://www.jugendlosungen.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-15] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: GMX MailCheck - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\extensions\mailcheck@gmx.net [2015-11-18] FF Extension: Adblock Plus - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-29] FF HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. 
KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation) R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [Datei ist nicht signiert] R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-11] (DisplayLink Corp.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) 
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] () S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert] S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] () R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22776 2015-03-03] (Validity Sensors, Inc.) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.) 
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [113096 2013-08-20] (Intel Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated) S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-30 20:42 - 2015-11-30 20:42 - 00001027 _____ C:\Users\Marie-Luise\Desktop\JRT.txt 2015-11-30 20:41 - 2015-11-30 20:41 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\blvds-47 2015-11-30 20:40 - 2015-11-30 20:40 - 00000000 ____D C:\ProgramData\diode-06 2015-11-30 20:39 - 2015-11-30 20:39 - 01599336 _____ (Malwarebytes) C:\Users\Marie-Luise\Desktop\JRT.exe 2015-11-30 19:38 - 2015-11-30 19:40 - 00002401 _____ C:\Users\Marie-Luise\Desktop\Fixlog.txt 2015-11-30 19:01 - 2015-11-30 19:01 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\isotope-4 2015-11-30 18:58 - 2015-11-30 18:58 - 00000000 ____D C:\ProgramData\jedec-08 2015-11-29 21:24 - 2015-11-29 21:58 - 00671528 _____ C:\TDSSKiller.3.1.0.6_29.11.2015_21.24.07_log.txt 2015-11-29 21:19 - 2015-11-29 21:23 - 00025671 _____ C:\Users\Marie-Luise\Desktop\Addition.txt 2015-11-29 21:19 - 2015-11-29 21:19 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Marie-Luise\Desktop\tdsskiller.exe 2015-11-29 21:18 - 2015-11-30 20:45 - 00018646 _____ C:\Users\Marie-Luise\Desktop\FRST.txt 2015-11-29 21:18 - 2015-11-30 20:44 - 00000000 ____D C:\FRST 2015-11-29 21:17 - 2015-11-29 21:17 - 02350080 _____ (Farbar) C:\Users\Marie-Luise\Desktop\FRST64.exe 2015-11-29 20:47 - 2015-11-29 20:47 - 00001025 _____ C:\Users\Marie-Luise\Desktop\AdwCleaner[C1].txt 2015-11-29 20:13 - 2015-11-29 20:19 - 00000000 ____D C:\AdwCleaner 2015-11-29 20:08 - 2015-11-29 20:08 - 01733632 _____ C:\Users\Marie-Luise\Desktop\adwcleaner_5.022.exe 2015-11-29 20:00 - 2015-11-30 19:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-29 20:00 - 2015-11-29 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-29 19:59 - 2015-11-29 20:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-29 19:59 - 2015-11-29 19:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-29 19:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) 
C:\Windows\system32\Drivers\mbamchameleon.sys 2015-11-29 19:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-11-29 19:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-11-29 19:57 - 2015-11-29 19:59 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe.part 2015-11-29 19:57 - 2015-11-29 19:58 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe 2015-11-29 19:51 - 2015-11-29 21:28 - 00000064 _____ C:\Users\Marie-Luise\.screenleap 2015-11-29 19:51 - 2015-11-29 20:29 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\Screenleap 2015-11-29 19:51 - 2015-11-29 19:51 - 00002000 _____ C:\Users\Marie-Luise\Desktop\Screenleap.lnk 2015-11-25 21:59 - 2015-11-30 19:05 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\pendulum-28 2015-11-18 19:00 - 2015-11-18 21:40 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\glonass-89 2015-11-15 17:20 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-13 08:38 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-13 08:38 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-13 08:38 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-13 08:38 - 
2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-13 08:38 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-13 08:38 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-13 08:38 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-13 08:35 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-13 08:35 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-13 08:35 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-13 08:35 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-13 08:35 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-13 08:35 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-13 08:35 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-13 08:35 - 2015-10-31 00:24 - 
00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-13 08:35 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-13 08:35 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-13 08:35 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-13 08:35 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-13 08:35 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-13 08:35 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-13 08:35 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-13 08:35 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-13 08:35 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-13 08:35 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-13 08:35 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-13 08:35 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-13 08:35 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-13 08:35 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-13 08:35 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-13 08:35 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-13 08:35 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-13 08:35 - 
2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-13 08:35 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-13 08:35 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-13 08:35 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-13 08:35 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-13 08:35 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-13 08:35 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-13 08:35 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-13 08:35 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-13 08:35 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-13 08:35 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-13 08:35 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-13 08:35 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-13 08:35 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-13 08:35 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-13 08:35 - 2015-10-30 23:23 - 
00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-13 08:35 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-13 08:35 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-13 08:35 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-13 08:35 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-13 08:35 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-13 08:35 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-13 08:35 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-13 08:35 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-13 08:35 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-13 08:35 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-13 08:35 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-13 08:35 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-13 08:35 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-13 08:35 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-13 08:35 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-13 08:35 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-13 08:35 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-13 08:33 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-13 08:32 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-13 08:32 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-13 08:32 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-13 08:32 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-13 08:32 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-13 08:32 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-13 08:32 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-13 08:32 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-13 08:32 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-13 08:32 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-13 08:32 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-13 08:32 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-13 08:32 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-13 08:32 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-13 08:32 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-13 08:32 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-13 08:32 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-13 08:32 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-13 08:32 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-13 08:32 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-13 08:32 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-13 08:32 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-13 08:32 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-13 08:32 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-13 08:32 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-13 08:32 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-13 08:32 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-13 08:32 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-13 08:32 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-13 08:32 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-13 08:32 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-13 08:32 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-13 08:32 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-13 08:32 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-13 08:32 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-13 08:31 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-13 08:31 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-13 08:31 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 21:39 - 2015-11-14 17:48 - 00000000 ____D C:\ProgramData\en

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-30 20:08 - 2015-08-18 19:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-30 19:50 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 19:50 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 19:47 - 2014-08-19 13:14 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-30 19:47 - 2014-08-19 13:14 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-30 19:47 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-30 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-30 19:41 - 2014-08-19 03:53 - 00000000 ____D C:\ProgramData\Validity
2015-11-30 19:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 19:05 - 2015-10-25 21:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-30 18:58 - 2015-05-05 19:39 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\VirtualStore
2015-11-29 21:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-29 19:51 - 2015-05-05 19:38 - 00000000 ____D C:\Users\Marie-Luise
2015-11-18 21:52 - 2014-08-19 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-18 21:50 - 2014-08-19 04:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-17 18:25 - 2014-01-30 22:17 - 00000000 __SHD C:\Users\Marie-Luise\AppData\Roaming\aghubwrh
2015-11-16 18:49 - 2009-07-14 05:45 - 00353816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-15 20:49 - 2014-08-18 20:55 - 00000000 ____D C:\ProgramData\Lenovo
2015-11-15 20:48 - 2014-08-19 03:55 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-11-15 20:48 - 2014-08-19 03:51 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-11-15 20:48 - 2014-08-19 03:41 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-11-15 17:08 - 2015-08-18 19:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-15 17:08 - 2015-05-23 19:20 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-15 17:08 - 2015-05-23 19:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-13 08:37 - 2014-01-30 22:46 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 08:35 - 2014-02-03 15:34 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-10 18:33 - 2015-05-16 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-10 18:33 - 2014-08-19 03:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-09 18:32 - 2015-05-16 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-01 20:08 - 2015-07-05 19:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-25 17:00 - 2015-05-25 17:00 - 16342352 _____ (Geek Software GmbH ) C:\Program Files (x86)\pdf24-creator-6.9.2.exe
2015-05-21 06:48 - 2015-05-21 06:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-08-19 03:53 - 2014-08-19 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-19 03:58 - 2014-08-19 03:59 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2014-08-19 03:56 - 2014-08-19 03:57 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-08-19 03:57 - 2014-08-19 03:58 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2014-08-19 03:58 - 2014-08-19 03:58 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

Einige Dateien in TEMP:
====================
C:\Users\Marie-Luise\AppData\Local\Temp\avgnt.exe

Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-30 20:04

==================== Ende von FRST.txt ============================

Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von Marie-Luise (2015-11-30 20:45:23)
Gestartet von C:\Users\Marie-Luise\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-05-05 18:38:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1401465016-1591747146-3379758321-500 - Administrator - Disabled)
Gast (S-1-5-21-1401465016-1591747146-3379758321-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1401465016-1591747146-3379758321-1002 - Limited - Enabled)
Marie-Luise (S-1-5-21-1401465016-1591747146-3379758321-1001 - Administrator - Enabled) => C:\Users\Marie-Luise

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.62.50 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150424 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.64.1 - Lenovo Group Limited)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.3 - Vimicro)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - )
Lenovo Fingerprint Manager (HKLM\...\{D6006D3A-B3F5-48DC-8CC0-D353912379F3}) (Version: 4.5.289.0 - Synaptics)
Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.289.0 - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0013 - Lenovo)
Lenovo USB Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.15 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.04.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21234 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.40 - Synaptics Incorporated)
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

15-11-2015 21:57:56 Windows Update
17-11-2015 18:31:47 Free Antivirus - 17.11.2015 18:31
30-11-2015 20:12:03 Geplanter Prüfpunkt
30-11-2015 20:41:04 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16A98A40-6353-410F-BD28-5345C3E2DBFE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {170F753F-2D86-4F1F-9CE1-4AA1A116B757} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {2EFA6B85-313D-4DD0-B0EC-F2F364F27095} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {474F4629-0DE0-49C2-9D0C-EBF7918BE7D0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-29] ()
Task: {4E62F553-C70D-4BC3-B8D2-453C72CBEFF9} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {5F6F5F29-C047-400D-BD94-3D79F9F6CB0E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2013-10-21] (Lenovo Group Limited)
Task: {7B3C18C9-06C4-485E-AEE2-91B94C98115F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {B2853026-549C-413A-AA6D-1DAF46B17F70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {B9E972D3-A324-4B34-9048-0E6C4FC35A6E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {BDB79BDC-99DF-47C8-9513-0EFF6CD0C369} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo)
Task: {C3D0177B-A8A2-4DEE-B8BD-BDC9EAFD18DC} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {CD821E1D-24FE-4AC5-AE1D-F3A372670DF9} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] ()
Task: {D29C9B0D-7B4F-442B-996D-3F2C93DED596} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo)
Task: {D5E0EB99-D92E-4F82-8685-FC48AC7298EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {E9CB273F-6CEF-4BA3-87EC-C20EE48E7600} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-08-19 03:51 - 2013-10-21 23:04 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2015-10-02 18:45 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2010-05-08 12:48 - 2010-05-08 12:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe 2014-08-19 03:39 - 2013-05-16 09:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{19CCF886-E8AC-4BE6-8588-095562D3E5F8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{E6EE83DD-7E36-419E-9EAD-11E70FF5AC53}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{78EE11AE-7BAF-4D29-9A6B-D2DC562442FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F8B03271-CC30-4390-B53F-321E951E6ECB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A3A91B0D-E7FA-477D-AC4E-3E9B2CCAE2B6}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe FirewallRules: [{584F2355-8676-46E0-9165-282BAFE01DDC}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe FirewallRules: [{17525D02-32D4-4C7B-8D25-7D7E990BAECB}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe FirewallRules: [{C5EAB0C6-B0D9-4803-92E6-E3338DFEDD26}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe FirewallRules: [{E3B484FE-6055-466D-B607-E6B57FF8676B}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe FirewallRules: [{0048073E-4041-42F9-94E3-F25516F9143D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3D2F336D-7117-49FD-B8A2-FC194C9598F5}] => (Allow) C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{9D60C568-89F2-42DB-9DEC-7D1704875119}] => (Allow) 
C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E921CD51-E941-4B81-A1A6-C79D2F14FDCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3C7F4936-989A-4354-81B0-7FA153E46F75}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{F808B78E-F593-47C1-B7ED-C600D8D5916B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/30/2015 07:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/30/2015 07:05:34 PM) (Source: MsiInstaller) (EventID: 1024) (User: Marie-Notebook) Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (11/30/2015 06:52:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/29/2015 08:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/29/2015 07:32:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/28/2015 08:47:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/27/2015 06:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2015 10:54:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/25/2015 09:51:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/24/2015 06:30:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (11/30/2015 08:14:18 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:16 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:15 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:14 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:13 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:12 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. 
Error: (11/30/2015 08:14:12 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. Error: (11/30/2015 08:14:11 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Windows7_OS" den Befehl "chkdsk" aus. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-4100M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 3810.46 MB Verfügbarer physikalischer RAM: 2039.02 MB Summe virtueller Speicher: 7619.12 MB Verfügbarer virtueller Speicher: 5468.86 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:301.89 GB) (Free:252.77 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Volume) (Fixed) (Total:146.48 GB) (Free:120.8 GB) NTFS Drive q: (Lenovo_Recovery) (Fixed) (Total:15.92 GB) (Free:4.03 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 49FC2C21) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=301.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=146.5 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=15.9 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
30.11.2015, 20:52 | #13 |
/// TB-Ausbilder | Windows7: Trojan, registry infected, HKU, HKCU Hello, Note: The scan with ESET can take a long time. Step 1 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 2 ESET Online Scanner
Step 3
Please post with your next reply
|
30.11.2015, 22:16 | #14 |
| Windows7: Trojan, registry infected, HKU, HKCU Hello, here is the HitmanPro log file Code:
HitmanPro 3.7.10.251
www.hitmanpro.com

Computer name . . . . : MARIE-NOTEBOOK
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Marie-Notebook\Marie-Luise
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2015-11-30 21:01:33
Scan mode . . . . . . : Normal
Scan duration . . . . : 3m 47s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 3

Objects scanned . . . : 1.594.400
Files scanned . . . . : 12.456
Remnants scanned . . : 201.452 files / 1.380.492 keys

Suspicious files ____________________________________________________________

C:\ProgramData\jedec-08\jedec-8.exe
Size . . . . . . . : 439.624 bytes
Age . . . . . . . : 0.1 days (2015-11-30 18:58:32)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 9C9B997A01907D797A4ED4D80CF0994E86FF94FB225970913A25AA0928FD1418
Product . . . . . : Symantec Shared Components
Publisher . . . . : Enterprise Fighter
Description . . . : Symantec Shared Component
Version . . . . . : 3.7.6.3
Copyright . . . . : Copyright (c) 2010 Symantec Corporation. All rights reserved.
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Invalid
Fuzzy . . . . . . : 32.0
Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Program starts automatically without user intervention.
Uses the Windows Registry to run each time the user logs on.
Time indicates that the file appeared recently on this computer.
The file appears to be part of an installation package or setup program. This is typical for most programs.
Startup
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jedec-22
Forensic Cluster
0.0s C:\ProgramData\jedec-08\
0.0s C:\ProgramData\jedec-08\jedec-8.exe
0.4s C:\Users\Marie-Luise\AppData\Local\VirtualStore\Windows\SysWOW64\
0.4s C:\Users\Marie-Luise\AppData\Local\VirtualStore\Windows\
0.4s C:\Users\Marie-Luise\AppData\Local\VirtualStore\Windows\SysWOW64\쑧ཡ\

C:\Users\Marie-Luise\Desktop\FRST64.exe
Size . . . . . . . : 2.350.080 bytes
Age . . . . . . . : 1.0 days (2015-11-29 21:17:42)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 30CA3A4AACEF0010BC8EFDCCD96E0D319D3F64E70058EB3D45D9B8F11455F773
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0319899dd0f94649832c7c76301c9987
# end=init
# utc_time=2015-11-30 08:09:44
# local_time=2015-11-30 09:09:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26978
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0319899dd0f94649832c7c76301c9987
# end=updated
# utc_time=2015-11-30 08:14:54
# local_time=2015-11-30 09:14:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0319899dd0f94649832c7c76301c9987
# engine=26978
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-30 09:02:59
# local_time=2015-11-30 10:02:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15641512 200547229 0 0
# scanned=164836
# found=8
# cleaned=0
# scan_time=2885
sh=60919026F989953B9B75A2B53ED81B666862D550 ft=1 fh=a0eb4d35b0d10d8c vn="Win32/TrojanDownloader.Nymaim.BA Trojaner" ac=I fn="C:\ProgramData\jedec-08\jedec-8.exe"
sh=60919026F989953B9B75A2B53ED81B666862D550 ft=1 fh=a0eb4d35b0d10d8c vn="Win32/TrojanDownloader.Nymaim.BA Trojaner" ac=I fn="C:\Users\All Users\jedec-08\jedec-8.exe"
sh=709919F2DF08E8E228223DCE26E5086DE4B13252 ft=1 fh=f9249cec26af20c4 vn="Variante von Win32/Kryptik.EGPY Trojaner" ac=I fn="C:\Users\Marie-Luise\AppData\Roaming\isotope-4\isotope-66.exe"
sh=2DFE16FF0E5EAEC4DD1BCA5528D101275B2306CE ft=1 fh=7f251695af4b4876 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marie-Luise\Downloads\OpenOffice - CHIP-Installer.exe"
sh=813F3597C58FAA3BEA33996CBEDACBF10BEE6465 ft=1 fh=36bbe7146b0b791c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marie-Luise\Downloads\PDF24 Creator - CHIP-Installer.exe"
sh=FA76B7BE6E6C95BB40B51032DFFADC02C420E7BD ft=1 fh=246ca42c6e945b5a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marie-Luise\Downloads\Skype - CHIP-Installer.exe"
sh=3499B0B236DF2BAAD00B0F13A59AEB081F866BA5 ft=1 fh=e6f6e1ebb4631a06 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marie-Luise\Downloads\Sony PC Companion - CHIP-Installer.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/PSW.Papras.EH Trojaner" ac=I fn="${Memory}"

Attached are the two files. FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015 durchgeführt von Marie-Luise (Administrator) auf MARIE-NOTEBOOK (30-11-2015 22:14:01) Gestartet von C:\Users\Marie-Luise\Desktop Geladene Profile: Marie-Luise (Verfügbare Profile: Marie-Luise) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe () C:\ProgramData\DatacardService\DCService.exe (Huawei Technologies Co., Ltd.) 
C:\ProgramData\DatacardService\DCSHelper.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Screenleap, Inc.) 
C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe (Docking Station) C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [900704 2013-03-15] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [384344 2013-11-29] (Lenovo.) 
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-05-16] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-10-21] (Intel Corporation) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [Screenleap] => C:\Users\Marie-Luise\AppData\Local\Screenleap\Screenleap.exe [2856992 2015-11-29] (Screenleap, Inc.) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [jedec-22] => C:\ProgramData\jedec-08\jedec-8.exe [439624 2015-11-30] (Enterprise Fighter) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [Uninstall C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64" HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [isotope-53] => C:\Users\Marie-Luise\AppData\Roaming\isotope-4\isotope-66.exe [619520 2015-11-30] (American Megatrends, Inc) HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {8225d693-4841-11e5-9626-f8165465672d} - E:\AutoRun.exe HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\MountPoints2: {de3f79ed-2748-11e4-b820-806e6f6e6963} - Q:\LenovoQDrive.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\igpxtskmgn.lnk [2014-08-19] ShortcutTarget: igpxtskmgn.lnk -> C:\Program Files (x86)\Lenovo\USB3.0 DVI Adapter\igpxtskmgn64win7.exe (Docking Station) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-10-02] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blvds-12.lnk [2015-11-30] ShortcutTarget: blvds-12.lnk -> C:\Users\Marie-Luise\AppData\Roaming\blvds-47\blvds-56.exe (Intel(R) Corporation) Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2015-11-30]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3636DED-3BAF-45B6-A1E8-E155B3A14D72}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-1401465016-1591747146-3379758321-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012
FF Homepage: hxxp://www.jugendlosungen.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: GMX MailCheck - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\extensions\mailcheck@gmx.net [2015-11-18]
FF Extension: Adblock Plus - C:\Users\Marie-Luise\AppData\Roaming\Mozilla\Firefox\Profiles\26x876dm.default-1432661222012\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-29]
FF HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [Datei ist nicht signiert]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-11] (DisplayLink Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] ()
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22776 2015-03-03] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-03-03] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-11] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [113096 2013-08-20] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 21:04 - 2015-11-30 21:04 - 02870984 _____ (ESET) C:\Users\Marie-Luise\Desktop\esetsmartinstaller_deu.exe
2015-11-30 21:00 - 2015-11-30 21:07 - 00000000 ____D C:\ProgramData\HitmanPro
2015-11-30 20:59 - 2015-11-30 20:59 - 11337112 _____ (SurfRight B.V.) C:\Users\Marie-Luise\Desktop\HitmanPro_x64.exe
2015-11-30 20:54 - 2015-11-30 20:54 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\CrashRpt
2015-11-30 20:42 - 2015-11-30 20:42 - 00001027 _____ C:\Users\Marie-Luise\Desktop\JRT.txt
2015-11-30 20:41 - 2015-11-30 20:41 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\blvds-47
2015-11-30 20:40 - 2015-11-30 20:40 - 00000000 ____D C:\ProgramData\diode-06
2015-11-30 20:39 - 2015-11-30 20:39 - 01599336 _____ (Malwarebytes) C:\Users\Marie-Luise\Desktop\JRT.exe
2015-11-30 19:38 - 2015-11-30 19:40 - 00002401 _____ C:\Users\Marie-Luise\Desktop\Fixlog.txt
2015-11-30 19:01 - 2015-11-30 19:01 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\isotope-4
2015-11-30 18:58 - 2015-11-30 18:58 - 00000000 ____D C:\ProgramData\jedec-08
2015-11-29 21:24 - 2015-11-29 21:58 - 00671528 _____ C:\TDSSKiller.3.1.0.6_29.11.2015_21.24.07_log.txt
2015-11-29 21:19 - 2015-11-30 20:45 - 00025194 _____ C:\Users\Marie-Luise\Desktop\Addition.txt
2015-11-29 21:19 - 2015-11-29 21:19 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Marie-Luise\Desktop\tdsskiller.exe
2015-11-29 21:18 - 2015-11-30 22:14 - 00021302 _____ C:\Users\Marie-Luise\Desktop\FRST.txt
2015-11-29 21:18 - 2015-11-30 22:14 - 00000000 ____D C:\FRST
2015-11-29 21:17 - 2015-11-29 21:17 - 02350080 _____ (Farbar) C:\Users\Marie-Luise\Desktop\FRST64.exe
2015-11-29 20:47 - 2015-11-29 20:47 - 00001025 _____ C:\Users\Marie-Luise\Desktop\AdwCleaner[C1].txt
2015-11-29 20:13 - 2015-11-29 20:19 - 00000000 ____D C:\AdwCleaner
2015-11-29 20:08 - 2015-11-29 20:08 - 01733632 _____ C:\Users\Marie-Luise\Desktop\adwcleaner_5.022.exe
2015-11-29 20:00 - 2015-11-30 21:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-29 20:00 - 2015-11-29 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-29 19:59 - 2015-11-29 20:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-29 19:59 - 2015-11-29 19:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-29 19:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-29 19:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-29 19:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-29 19:57 - 2015-11-29 19:59 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe.part
2015-11-29 19:57 - 2015-11-29 19:58 - 22908888 _____ (Malwarebytes ) C:\Users\Marie-Luise\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-29 19:51 - 2015-11-29 21:28 - 00000064 _____ C:\Users\Marie-Luise\.screenleap
2015-11-29 19:51 - 2015-11-29 20:29 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\Screenleap
2015-11-29 19:51 - 2015-11-29 19:51 - 00002000 _____ C:\Users\Marie-Luise\Desktop\Screenleap.lnk
2015-11-25 21:59 - 2015-11-30 19:05 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\pendulum-28
2015-11-18 19:00 - 2015-11-18 21:40 - 00000000 ____D C:\Users\Marie-Luise\AppData\Roaming\glonass-89
2015-11-15 17:20 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-13 08:38 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-13 08:38 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-13 08:38 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-13 08:38 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-13 08:38 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-13 08:38 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-13 08:38 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-13 08:38 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-13 08:35 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-13 08:35 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-13 08:35 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-13 08:35 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-13 08:35 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-13 08:35 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-13 08:35 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-13 08:35 - 
2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-13 08:35 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-13 08:35 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-13 08:35 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-13 08:35 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-13 08:35 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-13 08:35 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-13 08:35 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-13 08:35 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-13 08:35 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-13 08:35 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-13 08:35 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-13 08:35 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-13 08:35 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-13 08:35 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-13 08:35 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-13 08:35 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-13 08:35 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 
2015-11-13 08:35 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-13 08:35 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-13 08:35 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-13 08:35 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-13 08:35 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-13 08:35 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-13 08:35 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-13 08:35 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-13 08:35 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-13 08:35 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-11-13 08:35 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-13 08:35 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-13 08:35 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-13 08:35 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-13 08:35 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-13 08:35 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-13 08:35 - 
2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-13 08:35 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-13 08:35 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-13 08:35 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-11-13 08:35 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-13 08:35 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-13 08:35 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-13 08:35 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-11-13 08:35 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-13 08:35 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-11-13 08:35 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-13 08:35 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-13 08:35 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-13 08:35 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-13 08:35 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-13 08:35 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-13 08:35 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-13 08:35 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-13 08:35 - 2015-10-30 
22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-13 08:33 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-13 08:32 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-13 08:32 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-13 08:32 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-13 08:32 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-11-13 08:32 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-11-13 08:32 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-11-13 08:32 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00296960 _____ 
(Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-13 08:32 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-13 08:32 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-13 08:32 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-11-13 08:32 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-11-13 08:32 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-13 08:32 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-13 08:32 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-13 08:32 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) 
C:\Windows\system32\apisetschema.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-13 08:32 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-13 
08:32 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-13 08:32 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-13 08:32 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-13 08:32 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-13 08:32 - 2015-10-20 01:44 - 
00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-13 08:32 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-13 08:32 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-13 08:32 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-13 08:32 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-13 08:32 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-13 08:32 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-13 08:32 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-13 08:32 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-13 08:32 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-13 08:32 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-13 08:32 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-13 08:32 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-13 08:32 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-13 08:32 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-13 08:31 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-13 08:31 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-13 08:31 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 21:39 - 2015-11-14 17:48 - 00000000 ____D C:\ProgramData\en

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-30 22:08 - 2015-08-18 19:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-30 21:01 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 21:01 - 2009-07-14 05:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 21:00 - 2014-08-19 13:14 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-30 21:00 - 2014-08-19 13:14 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-30 21:00 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-30 21:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-30 20:53 - 2014-08-19 03:53 - 00000000 ____D C:\ProgramData\Validity
2015-11-30 20:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 20:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-30 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-30 19:05 - 2015-10-25 21:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-30 18:58 - 2015-05-05 19:39 - 00000000 ____D C:\Users\Marie-Luise\AppData\Local\VirtualStore
2015-11-29 19:51 - 2015-05-05 19:38 - 00000000 ____D C:\Users\Marie-Luise
2015-11-18 21:52 - 2014-08-19 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-18 21:50 - 2014-08-19 04:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-17 18:25 - 2014-01-30 22:17 - 00000000 __SHD C:\Users\Marie-Luise\AppData\Roaming\aghubwrh
2015-11-16 18:49 - 2009-07-14 05:45 - 00353816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-15 20:49 - 2014-08-18 20:55 - 00000000 ____D C:\ProgramData\Lenovo
2015-11-15 20:48 - 2014-08-19 03:55 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-11-15 20:48 - 2014-08-19 03:51 - 00000000 ___HD
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2015-11-15 20:48 - 2014-08-19 03:41 - 00000000 ____D C:\Program Files (x86)\Lenovo 2015-11-15 17:08 - 2015-08-18 19:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-15 17:08 - 2015-05-23 19:20 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-15 17:08 - 2015-05-23 19:20 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-13 08:37 - 2014-01-30 22:46 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-13 08:35 - 2014-02-03 15:34 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-10 18:33 - 2015-05-16 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-10 18:33 - 2014-08-19 03:44 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-09 18:32 - 2015-05-16 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-01 20:08 - 2015-07-05 19:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-25 17:00 - 2015-05-25 17:00 - 16342352 _____ (Geek Software GmbH ) C:\Program Files (x86)\pdf24-creator-6.9.2.exe 2015-05-21 06:48 - 2015-05-21 06:48 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-08-19 03:53 - 2014-08-19 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-08-19 03:58 - 2014-08-19 03:59 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log 2014-08-19 03:56 - 2014-08-19 03:57 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2014-08-19 03:57 - 2014-08-19 03:58 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2014-08-19 03:58 - 2014-08-19 03:58 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log Einige Dateien in TEMP: ==================== C:\Users\Marie-Luise\AppData\Local\Temp\avgnt.exe 
Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-30 20:04

==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015 durchgeführt von Marie-Luise (2015-11-30 22:14:42) Gestartet von C:\Users\Marie-Luise\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-05-05 18:38:17) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1401465016-1591747146-3379758321-500 - Administrator - Disabled) Gast (S-1-5-21-1401465016-1591747146-3379758321-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1401465016-1591747146-3379758321-1002 - Limited - Enabled) Marie-Luise (S-1-5-21-1401465016-1591747146-3379758321-1001 - Administrator - Enabled) => C:\Users\Marie-Luise ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. 
KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.62.50 - Conexant) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150424 - Landesfinanzdirektion Thüringen) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.64.1 - Lenovo Group Limited) HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Hilfe (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.911.3 - Vimicro) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.2.32 - Intel Corporation) Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - ) Lenovo Fingerprint Manager (HKLM\...\{D6006D3A-B3F5-48DC-8CC0-D353912379F3}) (Version: 4.5.289.0 - Synaptics) Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.289.0 - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - ) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0013 - Lenovo) Lenovo USB 
Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo) Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.15 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.04.382 - Huawei Technologies Co.,Ltd) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21234 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek) Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.40 - Synaptics Incorporated) Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation) Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 15-11-2015 21:57:56 Windows Update 17-11-2015 18:31:47 Free Antivirus - 17.11.2015 18:31 30-11-2015 20:12:03 Geplanter Prüfpunkt 30-11-2015 20:41:04 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {16A98A40-6353-410F-BD28-5345C3E2DBFE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {170F753F-2D86-4F1F-9CE1-4AA1A116B757} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {2EFA6B85-313D-4DD0-B0EC-F2F364F27095} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {474F4629-0DE0-49C2-9D0C-EBF7918BE7D0} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-29] () Task: {4E62F553-C70D-4BC3-B8D2-453C72CBEFF9} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {5F6F5F29-C047-400D-BD94-3D79F9F6CB0E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2013-10-21] (Lenovo Group Limited) Task: {7B3C18C9-06C4-485E-AEE2-91B94C98115F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {B2853026-549C-413A-AA6D-1DAF46B17F70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) Task: {B9E972D3-A324-4B34-9048-0E6C4FC35A6E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) Task: {BDB79BDC-99DF-47C8-9513-0EFF6CD0C369} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => 
C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) Task: {C3D0177B-A8A2-4DEE-B8BD-BDC9EAFD18DC} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe Task: {CD821E1D-24FE-4AC5-AE1D-F3A372670DF9} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {D29C9B0D-7B4F-442B-996D-3F2C93DED596} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {D5E0EB99-D92E-4F82-8685-FC48AC7298EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E9CB273F-6CEF-4BA3-87EC-C20EE48E7600} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-08-19 03:51 - 2013-10-21 23:04 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-10-02 18:45 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2010-05-08 12:48 - 2010-05-08 12:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2014-08-19 03:45 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-08-19 03:39 - 2013-05-16 09:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-16 22:15 - 2015-05-07 21:20 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-16 22:15 - 2015-05-07 21:20 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-16 22:15 - 2015-05-07 21:20 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{19CCF886-E8AC-4BE6-8588-095562D3E5F8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{E6EE83DD-7E36-419E-9EAD-11E70FF5AC53}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{78EE11AE-7BAF-4D29-9A6B-D2DC562442FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F8B03271-CC30-4390-B53F-321E951E6ECB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A3A91B0D-E7FA-477D-AC4E-3E9B2CCAE2B6}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe FirewallRules: [{584F2355-8676-46E0-9165-282BAFE01DDC}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe FirewallRules: [{17525D02-32D4-4C7B-8D25-7D7E990BAECB}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe FirewallRules: [{C5EAB0C6-B0D9-4803-92E6-E3338DFEDD26}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe FirewallRules: [{E3B484FE-6055-466D-B607-E6B57FF8676B}] => (Allow) C:\Program Files\HP\HP Officejet 
6700\Bin\HPNetworkCommunicator.exe FirewallRules: [{0048073E-4041-42F9-94E3-F25516F9143D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3D2F336D-7117-49FD-B8A2-FC194C9598F5}] => (Allow) C:\Users\Marie-Luise\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{9D60C568-89F2-42DB-9DEC-7D1704875119}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E921CD51-E941-4B81-A1A6-C79D2F14FDCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3C7F4936-989A-4354-81B0-7FA153E46F75}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{F808B78E-F593-47C1-B7ED-C600D8D5916B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/30/2015 10:07:30 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/30/2015 09:09:21 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/30/2015 09:09:10 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/30/2015 09:04:58 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (11/30/2015 08:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2015 07:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2015 07:05:34 PM) (Source: MsiInstaller) (EventID: 1024) (User: Marie-Notebook)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/30/2015 06:52:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 08:21:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 07:32:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (11/30/2015 09:14:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (11/30/2015 09:14:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIE-~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/30/2015 09:14:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (11/30/2015 09:14:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIE-~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/30/2015 09:14:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (11/30/2015 09:14:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIE-~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/30/2015 09:10:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (11/30/2015 09:10:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIE-~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/30/2015 09:10:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (11/30/2015 09:10:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\MARIE-~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4100M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 3810.46 MB
Verfügbarer physikalischer RAM: 1443.87 MB
Summe virtueller Speicher: 7619.12 MB
Verfügbarer virtueller Speicher: 4518.07 MB

==================== Laufwerke ================================
Drive c: (Windows7_OS) (Fixed) (Total:301.89 GB) (Free:252.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Volume) (Fixed) (Total:146.48 GB) (Free:120.8 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.92 GB) (Free:4.03 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 49FC2C21)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=301.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
01.12.2015, 13:58 | #15 |
TB-Ausbilder |
Hello,
Into battle...

Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\Run: [jedec-22] => C:\ProgramData\jedec-08\jedec-8.exe [439624 2015-11-30] (Enterprise Fighter)
C:\ProgramData\jedec-08
HKU\S-1-5-21-1401465016-1591747146-3379758321-1001\...\RunOnce: [isotope-53] => C:\Users\Marie-Luise\AppData\Roaming\isotope-4\isotope-66.exe [619520 2015-11-30] (American Megatrends, Inc)
C:\Users\Marie-Luise\AppData\Roaming\isotope-4
Startup: C:\Users\Marie-Luise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\blvds-12.lnk [2015-11-30]
C:\Users\Marie-Luise\AppData\Roaming\blvds-47
C:\ProgramData\diode-06
C:\ProgramData\jedec-08
C:\Users\Marie-Luise\AppData\Roaming\pendulum-28
C:\Users\Marie-Luise\AppData\Roaming\glonass-89
C:\Users\Marie-Luise\AppData\Roaming\aghubwrh
C:\Users\Marie-Luise\Downloads\*CHIP-Installer.exe
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
Folder: C:\Users\Marie-Luise\AppData\Roaming
Folder: C:\ProgramData
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)

Step 3
With your next reply, please post