|
Pests of all kinds and how to fight them: Outside access, trojan, PUP.Optional.MindSpake? Windows 7 |
07.01.2016, 16:58 | #1 |
| Outside access, trojan, PUP.Optional.MindSpake? While cleaning with WiseCleaner365 I noticed that in the user file history list, lines keep starting with strange Asian characters (see attachment). These were deleted with WiseCleaner 365, but they keep reappearing later. Does this suggest access from outside? Now and then pop-ups also appeared while surfing. Some Windows Explorer directories took a very, very long time to be displayed. Avira did not report any error, nor did Ad-Aware Antivirus or AdwCleaner. Malwarebytes reported: PUP.Optional.MindSpake, and this was sent to quarantine from there. A second run showed no more errors. Have I caught a trojan? Is someone accessing my computer? Is my PC clean again now? Have all unwanted programs really been deleted now? Notebook with a Windows 7 Professional system. Internet access almost exclusively via Firefox. Mail access via Thunderbird. Edited by schön (07.01.2016 at 17:04) |
07.01.2016, 17:38 | #2 |
/// TB trainer | Outside access, trojan, PUP.Optional.MindSpake? My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thanks for your cooperation! Whether your computer is completely clean again I can only tell you once we have carried out a thorough analysis. Did you also have all AdwCleaner findings removed? If not, start AdwCleaner again and have all findings removed. Then please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file on the desktop
Please post with your next reply
|
07.01.2016, 18:56 | #3 |
| Outside access, trojan, PUP.Optional.MindSpake? Hello Matthias,
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 durchgeführt von Nutzer 1 (ACHTUNG: der Benutzer ist kein Administrator) auf PC-486 (07-01-2016 18:24:28) Gestartet von D:\Software\Viren\FRST Geladene Profile: Admin & Nutzer 1 (Verfügbare Profile: Admin & Nutzer 1) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> lsm.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> atiesrxx.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> wlanext.exe konnte nicht auf den Prozess zugreifen -> conhost.exe konnte nicht auf den Prozess zugreifen -> atieclxx.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> sched.exe konnte nicht auf den 
Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> agr64svc.exe konnte nicht auf den Prozess zugreifen -> avguard.exe konnte nicht auf den Prozess zugreifen -> AVerRemote.exe konnte nicht auf den Prozess zugreifen -> AVerScheduleService.exe konnte nicht auf den Prozess zugreifen -> AVerUpdateServer.exe konnte nicht auf den Prozess zugreifen -> btwdins.exe konnte nicht auf den Prozess zugreifen -> officeclicktorun.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> IGRS.exe konnte nicht auf den Prozess zugreifen -> AdAwareService.exe konnte nicht auf den Prozess zugreifen -> LMS.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe konnte nicht auf den Prozess zugreifen -> mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe konnte nicht auf den Prozess zugreifen -> StarMoneyOnlineUpdate.exe konnte nicht auf den Prozess zugreifen -> svchost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc.) 
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (ArcSoft, Inc.) C:\Program Files (x86)\Lenovo\ArcSoft TotalMedia 3.5\TMMonitor.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Thought Communications, Inc.) C:\Program Files (x86)\FaxTalk Communicator\FTCtrl32.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Thought Communications, Inc.) C:\Program Files (x86)\FaxTalk Communicator\fapiexe.exe konnte nicht auf den Prozess zugreifen -> avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe konnte nicht auf den Prozess zugreifen -> svchost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe konnte nicht auf den Prozess zugreifen -> NASvc.exe konnte nicht auf den Prozess zugreifen -> UNS.exe konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe konnte nicht auf den Prozess zugreifen -> TrustedInstaller.exe (WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe konnte nicht auf den Prozess zugreifen -> dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_267.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-01-29] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1889064 2009-12-03] (Synaptics Incorporated) HKLM\...\Run: [SynBtnAsst] => C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [54568 2009-12-03] (Synaptics Incorporated) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4400064 2009-12-26] (Lenovo(beijing) Limited) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [6988736 2009-12-26] (Lenovo (Beijing) Limited) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-31] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167008 2009-11-11] (CyberLink Corp.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221728 2015-10-05] (Geek Software GmbH) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de) HKLM-x32\...\Run: [CallControl 4.7] => C:\PROGRAM FILES (X86)\FAXTALK COMMUNICATOR\FTCtrl32.exe [176128 2007-06-26] (Thought Communications, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-03-22] (Nero AG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2344377078-39533511-3171030454-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-2344377078-39533511-3171030454-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root \Office15\GROOVEEX.DLL [2015-12-24] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-12-25] ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk 
[2015-12-25] ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-10-14] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-14] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\Lenovo\ArcSoft TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{84597331-750D-4553-B8C1-96A8DB100711}: [DhcpNameServer] 192.168.179.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= 
HKU\S-1-5-21-2344377078-39533511-3171030454-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result? source=art&q= HKU\S-1-5-21-2344377078-39533511-3171030454-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result? source=art&q= HKU\S-1-5-21-2344377078-39533511-3171030454-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result? source=art&q= URLSearchHook: [S-1-5-21-2344377078-39533511-3171030454-1000] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS \ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-24] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS \ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-24] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS \ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-24] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root \Office15\OCHelper.dll [2015-12-24] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-24] (Microsoft Corporation) BHO-x32: 
AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root \Office15\GROOVEEX.DLL [2015-12-24] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12- 02] (Oracle Corporation) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-12-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default FF DefaultSearchEngine: Ixquick HTTPS - Deutsch FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-02] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-02] () FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins \npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-01] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> 
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default\searchplugins\ixquick-https---deutsch.xml [2016-01-04] FF SearchPlugin: C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default\searchplugins\unbubbleeu.xml [2015-12-02] FF Extension: WOT - C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-02] FF Extension: Avira Browser Safety - C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default\Extensions\abs@avira.com [2015-12-30] FF Extension: Ixquick Toolbar - C:\Users\Nutzer 1\AppData\Roaming\Mozilla\Firefox\Profiles\4077d4i2.default\Extensions\{0D4B5813-2CB5-439D-839C- 4638597EFAFA}.xpi [2015-12-02] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. 
KG) R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-12-05] (AVerMedia) R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [412480 2015-12-05] () R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-07-01] (Broadcom Corporation.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation) R2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] () S3 Lenovo ReadyComm AppSvc; C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited) S3 Lenovo ReadyComm ConnSvc; C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited) R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe 
[20992 2009-07-14] (Microsoft Corporation) S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited) S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender) S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [599552 2009-12-09] (AVerMedia TECHNOLOGIES, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-03] (Avira Operations GmbH & Co. 
KG) R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2015-01-06] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2015-01-06] (BitDefender LLC) S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-16] (Lenovo) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0\gzflt.sys [155912 2015-12-09] (BitDefender LLC) R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17520 2009-11-16] (JMicron Technology Corp.) R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [53616 2009-11-25] (JMicron Technology Corp.) R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [28528 2009-11-25] (JMicron Technology Corp.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-06] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.) R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo) R3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-10-14] (wisecleaner.com) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-07 18:21 - 2016-01-07 18:24 - 00000000 ____D C:\FRST 2016-01-07 17:07 - 2016-01-07 17:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-05 19:59 - 2016-01-06 00:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-01-05 19:59 - 2016-01-05 19:59 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-05 19:59 - 2016-01-05 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-05 19:59 - 2016-01-05 19:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-05 19:59 - 2016-01-05 19:59 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-05 19:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-01-05 19:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-01-05 19:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-01-05 18:42 - 2016-01-07 15:24 - 00000400 _____ C:\Windows\Tasks\Wise Care 365.job 2016-01-05 18:42 - 2016-01-06 12:56 - 00000428 _____ C:\Windows\Tasks\Wise Turbo Checker.job 2016-01-04 21:43 - 2016-01-04 21:43 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\calibre-cache 2016-01-04 21:38 - 2016-01-04 21:55 - 00000930 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk 2016-01-04 21:38 - 2016-01-04 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2016-01-04 21:38 - 2016-01-04 21:55 - 00000000 ____D C:\Program Files\Calibre2 2016-01-04 21:38 - 2016-01-04 21:48 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\calibre 2016-01-04 13:54 - 2016-01-04 13:54 - 00003584 _____ C:\Users\Nutzer 1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-04 06:50 - 2016-01-04 06:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia 2016-01-04 06:36 - 2016-01-04 06:36 - 
00000000 ____D C:\Users\Admin\AppData\Roaming\Avira 2016-01-04 06:30 - 2016-01-04 06:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe 2016-01-03 22:26 - 2016-01-03 21:56 - 43585316 _____ C:\Users\___Märchen-Am Set von _Die Sechs Schwäne_-0664775349.mp4 2016-01-03 01:46 - 2016-01-07 16:32 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\CrashDumps 2016-01-02 02:06 - 2016-01-02 02:06 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\Macromedia 2016-01-02 02:06 - 2016-01-02 02:06 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\Macromedia 2016-01-02 02:03 - 2016-01-02 02:03 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-02 02:03 - 2016-01-02 02:03 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-02 02:03 - 2016-01-02 02:03 - 00000000 ____D C:\Windows\system32\Macromed 2015-12-30 22:12 - 2016-01-02 01:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-12-28 12:37 - 2015-12-28 12:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-12-27 01:29 - 2016-01-04 19:48 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\vlc 2015-12-25 19:21 - 2016-01-07 16:30 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\FreePDF_XP 2015-12-25 01:00 - 2015-12-25 17:26 - 00000000 ____D C:\Users\Nutzer 1\Documents\AVerTV 2015-12-25 00:48 - 2015-12-25 14:49 - 00000000 ____D C:\ProgramData\AVerTV 3D 2015-12-25 00:47 - 2015-12-25 14:56 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\AVerMedia 2015-12-25 00:47 - 2015-12-25 00:47 - 00002036 _____ C:\Users\Public\Desktop\AVerTV 3D.lnk 2015-12-25 00:47 - 2015-12-25 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia 2015-12-25 00:44 - 2015-12-05 20:00 - 00651264 _____ C:\Windows\SysWOW64\sptlib21.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00462848 _____ C:\Windows\SysWOW64\sptlib12.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00421888 _____ C:\Windows\SysWOW64\sptlib02.dll 
2015-12-25 00:44 - 2015-12-05 20:00 - 00364032 _____ () C:\Windows\SysWOW64\amalib25.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00327680 _____ C:\Windows\SysWOW64\libde265.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00311296 _____ C:\Windows\SysWOW64\sptlib01.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00307200 _____ C:\Windows\SysWOW64\sptlib22.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00307200 _____ C:\Windows\SysWOW64\sptlib03.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00294912 _____ C:\Windows\SysWOW64\sptlib11.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00194560 _____ (AVerMedia Technologies, Inc.) C:\Windows\SysWOW64\CardID.dll 2015-12-25 00:44 - 2015-12-05 20:00 - 00045056 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC.dll 2015-12-25 00:41 - 2015-12-25 00:44 - 00000000 ____D C:\Program Files (x86)\AVerMedia 2015-12-25 00:41 - 2015-12-25 00:41 - 00000000 ____D C:\Windows\Driver Cache 2015-12-25 00:41 - 2009-12-09 03:38 - 00599552 _____ (AVerMedia TECHNOLOGIES, Inc.) C:\Windows\system32\Drivers\AVerAF35.sys 2015-12-24 19:05 - 2015-12-24 19:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2015-12-24 16:46 - 2015-12-24 16:46 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\Lavasoft 2015-12-24 16:39 - 2015-12-24 16:39 - 00000000 ____D C:\ProgramData\BitDefender 2015-12-24 16:31 - 2016-01-07 15:27 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2015-12-24 16:31 - 2015-12-24 16:31 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\LavasoftStatistics 2015-12-24 16:31 - 2015-12-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2015-12-24 16:31 - 2015-01-06 12:47 - 01061776 _____ (BitDefender S.R.L.) 
C:\Windows\system32\bdsmtpp.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00156936 _____ C:\Windows\system32\bdfwcore.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll 2015-12-24 16:31 - 2015-01-06 12:47 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll 2015-12-24 16:31 - 2015-01-06 12:37 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll 2015-12-24 16:29 - 2015-12-24 16:29 - 00000000 ____D C:\Program Files\Lavasoft 2015-12-24 16:27 - 2015-12-24 16:27 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2015-12-24 16:26 - 2015-12-24 16:26 - 00000000 ____D C:\ProgramData\Lavasoft 2015-12-24 03:36 - 2015-12-24 03:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-12-24 03:21 - 2015-12-24 03:21 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\Avira 2015-12-24 03:19 - 2015-12-03 15:24 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-24 03:19 - 2015-12-03 15:24 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-12-24 03:19 - 2015-12-03 15:24 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-24 03:19 - 2015-12-03 15:24 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-12-24 03:13 - 2015-12-24 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-24 03:13 - 2015-12-24 03:19 - 00000000 ____D C:\ProgramData\Avira 2015-12-24 03:13 - 2015-12-24 03:13 - 00001210 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-12-24 03:13 - 2015-12-24 03:13 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-24 02:53 - 2015-12-24 03:19 - 00000000 ____D C:\Program Files (x86)\Avira 2015-12-24 02:43 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-24 02:43 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-24 02:43 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-24 02:43 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-24 02:43 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-24 02:43 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-24 02:43 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-24 02:43 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-24 02:43 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-24 02:43 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-24 02:43 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-24 02:43 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-24 02:43 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-24 02:43 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) 
C:\Windows\system32\DWrite.dll 2015-12-24 02:43 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-24 02:43 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-24 02:43 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-24 02:43 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-24 02:43 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-24 02:43 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-24 02:43 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-24 02:43 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-24 02:43 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-24 02:43 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-24 02:43 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-24 02:43 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-24 02:43 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-24 02:43 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-24 02:43 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-24 02:43 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-24 02:43 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-24 02:43 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 
2015-12-24 02:43 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-24 02:43 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-24 02:43 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-24 02:43 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-24 02:43 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-24 02:43 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-24 02:43 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-24 02:43 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-24 02:43 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-24 02:43 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-24 02:43 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-24 02:43 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-24 02:43 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-24 02:43 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-24 02:43 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-24 02:43 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-24 02:43 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-24 02:43 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2015-12-24 02:43 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-24 02:43 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-24 02:43 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-24 02:43 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-24 02:43 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-24 02:43 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-24 02:43 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-24 02:43 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-24 02:43 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-24 02:43 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-24 02:43 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-24 02:43 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-24 02:43 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-24 02:43 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-24 02:43 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-24 02:43 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-24 02:43 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-24 02:43 - 2015-11-08 22:15 - 00718336 _____ 
(Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-24 02:43 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-24 02:43 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-24 02:43 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-24 02:43 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-24 02:43 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-24 02:43 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-24 02:43 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-24 02:43 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-24 02:43 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-12-24 02:43 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-12-24 02:43 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-24 02:43 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-24 02:43 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-24 02:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-24 02:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-09 11:04 - 2015-12-09 11:04 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-07 18:21 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115- 601632D005A0 2016-01-07 18:21 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115- 601632D005A0 2016-01-07 17:09 - 2015-12-01 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-07 15:52 - 2015-10-14 15:23 - 00002054 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2016-01-07 15:30 - 2015-12-02 02:58 - 00000000 ____D C:\Users\Nutzer 1\.mediathek3 2016-01-07 15:26 - 2015-10-14 15:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Wise Care 365 2016-01-07 15:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-03 20:26 - 2011-04-12 08:43 - 00699340 _____ C:\Windows\system32\perfh007.dat 2016-01-03 20:26 - 2011-04-12 08:43 - 00149448 _____ C:\Windows\system32\perfc007.dat 2016-01-03 20:26 - 2009-07-14 06:13 - 01619272 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-03 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-02 02:03 - 2015-12-02 15:58 - 00000000 ____D C:\Users\Nutzer 1\AppData\Local\Adobe 2015-12-25 19:01 - 2015-12-01 23:31 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 2015-12-25 14:10 - 2015-10-15 08:54 - 00113816 _____ C:\Users\Nutzer 1\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-25 14:08 - 2015-10-14 19:41 - 00437608 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-25 00:48 - 2015-10-14 15:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-12-25 00:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-25 00:08 - 2015-10-15 13:30 - 00000000 ____D C:\Users\Nutzer 1\AppData\Roaming\Wise Care 365 2015-12-24 15:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-24 14:16 - 2015-10-15 08:33 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-12-24 14:16 - 2015-10-15 08:33 - 00000000 ___SD C:\Windows\system32\GWX 2015-12-24 03:48 - 
2015-10-15 01:35 - 00000000 ____D C:\Windows\system32\MRT 2015-12-24 03:45 - 2015-10-15 01:35 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-24 03:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-24 02:47 - 2009-07-14 06:08 - 00014742 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-24 02:36 - 2015-12-01 22:58 - 00000000 ____D C:\Program Files\Microsoft Office 15 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-04 13:54 - 2016-01-04 13:54 - 0003584 _____ () C:\Users\Nutzer 1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-10-14 20:39 - 2015-10-14 21:10 - 0000743 _____ () C:\ProgramData\profile.xml Einige Dateien in TEMP: ==================== C:\Users\Nutzer 1\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 
der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================
Last edited by schön (07.01.2016 at 19:21) |
07.01.2016, 19:23 | #4 |
| Unauthorized access trojan, PUP.Optional.MindSpake?
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015 durchgeführt von Nutzer 1 (2016-01-07 18:25:21) Gestartet von D:\Software\Viren\FRST Windows 7 Professional Service Pack 1 (X64) (2015-10-14 14:06:36) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Admin (S-1-5-21-2344377078-39533511-3171030454-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-2344377078-39533511-3171030454-500 - Administrator - Disabled) Gast (S-1-5-21-2344377078-39533511-3171030454-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2344377078-39533511-3171030454-1002 - Limited - Enabled) Nutzer 1 (S-1-5-21-2344377078-39533511-3171030454-1003 - Limited - Enabled) => C:\Users\Nutzer 1 ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Ad-Aware Firewall (Enabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
ABBYY FineReader 5.0 Home Edition (HKLM-x32\...\ABBYY FineReader 5.0 Home Edition) (Version: 5.0 - ABBYY Software House) Ad-Aware Antivirus (HKLM\...\{9A711B34-77B5-4DDA-A97E-2FD6663729E1}_AdAwareUpdater) (Version: 11.9.696.8769 - Lavasoft) AdAwareInstaller (Version: 11.9.696.8769 - Lavasoft) Hidden AdAwareUpdater (Version: 11.9.696.8769 - Lavasoft) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden AntispamEngine (Version: 2.4.4205.0 - Lavasoft) Hidden ArcSoft TotalMedia 3.5 (HKLM-x32\...\InstallShield_{0182A227-9142-4A8D-B545-DAEDEE91EAF1}) (Version: 3.5.65.1038 - ArcSoft) ArcSoft TotalMedia 3.5 (x32 Version: 3.5.56.1015 - ArcSoft) Hidden ATI Catalyst Install Manager (HKLM\...\{2D72F1FD-EE8C-BE86-AE58-7B2AB235923F}) (Version: 3.0.790.0 - ATI Technologies, Inc.) AvcEngine (Version: 3.11.11387.0 - Lavasoft) Hidden AVerMedia A820 USB DVB-T 8.0.64.48 (HKLM-x32\...\AVerMedia A820 USB DVB-T) (Version: 8.0.64.48 - AVerMedia TECHNOLOGIES, Inc.) AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.5.15071301 - AVerMedia Technologies, Inc.) AVerTV 3D (x32 Version: 6.9.1.5.15071301 - AVerMedia Technologies, Inc.) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. 
KG) Hidden Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - ) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation) calibre 64bit (HKLM\...\{D8905AF6-9F72-4BD8-BF37-51C5760B3CD5}) (Version: 2.48.0 - Kovid Goyal) ccc-core-static (x32 Version: 2010.0831.2142.37073 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2311 - CyberLink Corp.) Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.0.9 - Lenovo) FaxTalk Communicator SE 4.7 (HKLM-x32\...\{4477B161-C8F1-42D3-85B0-2037760CA86C}) (Version: 4.70.1008 - Thought Communications) FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.) High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.38.3 - JMicron Technology Corp.) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 1.0.6.3 - Suyin Optronics Corp.) 
Lenovo ReadyComm 5 (HKLM-x32\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.20 - Lenovo) Lenovo ReadyComm 5.0 Service (HKLM-x32\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited) Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) LSI USB 2.0 Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.102 - LSI Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4779.1002 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 
de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11700.17.100 - Nero AG) Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG) Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG) Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12400.25.100 - Nero AG) Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG) Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{89590A73-9AC3-48ED-B83E-6489900DED5A}) (Version: 10.5.10000 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11300.12.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd) StarMoney (x32 Version: 4.0.8.25 - StarFinanz) Hidden StarMoney 9.0 (HKLM-x32\...\{DFB5F45A-02DD-4B9F-B98E-959C67DB0203}) (Version: 9.0 - Star Finanz GmbH) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.18.0 - Synaptics Incorporated) TSST OEM Content (HKLM-x32\...\{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}) (Version: 10.0.10300.0.0 - Nero AG) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Wise Care 365.job => Task: C:\Windows\Tasks\Wise Turbo Checker.job => ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2009-07-01 17:54 - 2009-07-01 17:54 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 02794744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.9.696.8769\AdAwareShellExtension.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\RCF.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.9.696.8769\boost_filesystem-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_system- vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 09574112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe 2015-12-09 17:58 - 2015-12-09 17:58 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.9.696.8769\boost_date_time-vc120-mt-1_57.dll 2015-12-09 17:59 - 2015-12-09 17:59 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_thread- vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_chrono- vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_locale- vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.9.696.8769\HtmlFramework.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.9.696.8769\AdAwareTrayDefaultSkin.dll 2015-10-14 20:03 - 2009-07-15 
14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2015-10-14 20:03 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2015-12-25 00:44 - 2015-12-05 19:59 - 00168768 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe 2010-08-26 12:47 - 2010-08-26 12:47 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-08-31 19:41 - 2010-08-31 19:41 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static \CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-2344377078-39533511-3171030454-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer 1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B940262B-994B-40C7-B03D-F51FDB416118}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{974DD425-E83D-49D2-9D64-6F3556D0CE20}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{907CB21D-201F-416C-8F56-8805DCD4159B}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{3278E16A-7911-4CCF-BE00-816D6E949132}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{8F37EBD6-768E-4537-8F04-9E0F59511598}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{52D7F314-5314-401C-81CE-95F1E4E18629}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{559BE821-6B8A-434E-9520-F5E1488C1CBE}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe
FirewallRules: [{2DFF9051-8DBC-43DB-B4F5-13110066D8F4}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{0ADFE73F-D97D-4B4E-80F9-060EA3797EA3}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{41A7EA75-0312-4E83-A022-8FF07EA7A695}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{F854FE18-1382-44A2-8D07-DA1EC0BE594A}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{C074DD3E-C91D-4322-9B37-5F860649A469}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{3072A53A-632F-4D07-8FCB-D4D152642553}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{50032ED2-82B8-496F-933A-F9BBA02FE7D2}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{C86EC80C-E644-4089-A8BC-B29449512C6C}] => (Allow) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{E6094B5B-306B-4669-9BD9-107DA9BFB03E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B75A37DA-A552-44E2-9FCE-C7964482385C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{67DA4A7A-B26F-4B82-A8F3-F3236ECE5915}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{8FE8A4BD-5EB3-4656-B0A2-E855EA523382}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C22958A6-A9C1-40A6-AE74-A762E4CC2980}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{3E4755D2-42B8-437A-BB5A-A44D8618495C}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{25433868-AB5C-4270-9A6B-9EAD85B39BA1}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{B77ECE04-707B-421C-BDAA-1038EBB31644}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{9352AFD7-FA02-406E-A757-CC0874E4348B}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{EC7E6298-A6F6-456F-B43A-645AFC0C5BCB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20E86214-C074-4D97-823F-84806C9D3953}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/07/2016 04:32:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.1.5828, Zeitstempel: 0x56722c0b
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed63
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/07/2016 03:25:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/06/2016 12:56:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/06/2016 01:48:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.1.5828, Zeitstempel: 0x56722c0b
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed63
ID des fehlerhaften Prozesses: 0x1a94
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/04/2016 03:45:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.1.5828, Zeitstempel: 0x56722c0b
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed63
ID des fehlerhaften Prozesses: 0x132c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/04/2016 03:30:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2016 06:28:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2016 06:26:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.1.5828, Zeitstempel: 0x56722c0b
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed63
ID des fehlerhaften Prozesses: 0x22d8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/03/2016 01:46:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.1.5828, Zeitstempel: 0x56723a12
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.1.5828, Zeitstempel: 0x56722c0b
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed63
ID des fehlerhaften Prozesses: 0x1b58
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/02/2016 07:14:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Systemfehler:
=============
Error: (01/07/2016 03:24:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/06/2016 12:56:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/04/2016 03:30:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/04/2016 06:33:07 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (01/04/2016 06:28:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/04/2016 12:23:10 AM) (Source: DCOM) (EventID: 10016) (User: PC-486)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}PC-486Nutzer 1S-1-5-21-2344377078-39533511-3171030454-1003LocalHost (unter Verwendung von LRPC)

Error: (01/04/2016 12:23:10 AM) (Source: DCOM) (EventID: 10016) (User: PC-486)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}PC-486Nutzer 1S-1-5-21-2344377078-39533511-3171030454-1003LocalHost (unter Verwendung von LRPC)

Error: (01/03/2016 08:18:53 PM) (Source: DCOM) (EventID: 10016) (User: PC-486)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}PC-486Nutzer 1S-1-5-21-2344377078-39533511-3171030454-1003LocalHost (unter Verwendung von LRPC)

Error: (01/03/2016 08:18:53 PM) (Source: DCOM) (EventID: 10016) (User: PC-486)
Description: AnwendungsspezifischLokalAktivierung{7D1933CB-86F6-4A98-8628-01BE94C9A575}{F290BFB2-1864-45B1-8804-2654194A87E7}PC-486Nutzer 1S-1-5-21-2344377078-39533511-3171030454-1003LocalHost (unter Verwendung von LRPC)

Error: (01/03/2016 08:02:20 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \...\DR3 gefunden.

CodeIntegrity:
===================================
Date: 2015-10-14 21:52:57.293
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-14 21:49:56.811
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 5940.48 MB
Verfügbarer physikalischer RAM: 2070.78 MB
Summe virtueller Speicher: 11879.16 MB
Verfügbarer virtueller Speicher: 8078.04 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:243.21 GB) (Free:188.82 GB) NTFS
Drive d: () (Fixed) (Total:1386.72 GB) (Free:589.01 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
07.01.2016, 19:30 | #5 |
| External access, Trojan, PUP.Optional.MindSpake?
HTML-Code:
18:32:35.0837 0x1fdc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:32:40.0967 0x1fdc ============================================================
18:32:40.0967 0x1fdc Current date / time: 2016/01/07 18:32:40.0967
18:32:40.0967 0x1fdc SystemInfo:
18:32:40.0967 0x1fdc
18:32:40.0967 0x1fdc OS Version: 6.1.7601 ServicePack: 1.0
18:32:40.0967 0x1fdc Product type: Workstation
18:32:40.0967 0x1fdc ComputerName: PC-486
18:32:40.0967 0x1fdc UserName: Admin
18:32:40.0967 0x1fdc Windows directory: C:\Windows
18:32:40.0967 0x1fdc System windows directory: C:\Windows
18:32:40.0967 0x1fdc Running under WOW64
18:32:40.0967 0x1fdc Processor architecture: Intel x64
18:32:40.0967 0x1fdc Number of processors: 4
18:32:40.0967 0x1fdc Page size: 0x1000
18:32:40.0967 0x1fdc Boot type: Normal boot
18:32:40.0967 0x1fdc ============================================================
18:32:44.0387 0x1fdc KLMD registered as C:\Windows\system32\drivers\76084247.sys
18:32:45.0287 0x1fdc System UUID: {A0575F4E-94CE-A4D4-EF03-E1390C054722}
18:32:46.0387 0x1fdc Drive \Device\Harddisk0\DR0 - Size: 0x1978903E000 ( 1630.14 Gb ), SectorSize: 0x200, Cylinders: 0x33F41, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:46.0407 0x1fdc ============================================================
18:32:46.0407 0x1fdc \Device\Harddisk0\DR0:
18:32:46.0407 0x1fdc MBR partitions:
18:32:46.0407 0x1fdc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:32:46.0407 0x1fdc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x32000
18:32:46.0407 0x1fdc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x65000, BlocksNum 0x1E66D901
18:32:46.0407 0x1fdc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1E6D6000, BlocksNum 0xAD571800
18:32:46.0407 0x1fdc ============================================================
18:32:46.0427 0x1fdc C: <-> \Device\Harddisk0\DR0\Partition3
18:32:46.0467 0x1fdc D: <-> \Device\Harddisk0\DR0\Partition4
18:32:46.0487 0x1fdc F: <-> \Device\Harddisk0\DR0\Partition1
18:32:46.0507 0x1fdc ============================================================
18:32:46.0507 0x1fdc Initialize success
18:32:46.0507 0x1fdc ============================================================
18:34:24.0269 0x06d0 ============================================================
18:34:24.0269 0x06d0 Scan started
18:34:24.0269 0x06d0 Mode: Manual; SigCheck; TDLFS;
18:34:24.0269 0x06d0 ============================================================
18:34:24.0269 0x06d0 KSN ping started
18:34:26.0719 0x06d0 KSN ping finished: true
18:34:30.0059 0x06d0 ================ Scan system memory ========================
18:34:30.0059 0x06d0 System memory - ok
18:34:30.0059 0x06d0 ================ Scan services =============================
18:34:34.0269 0x06d0 AVerUpdateServer - detected UnsignedFile.Multi.Generic ( 1 )
18:34:36.0789 0x06d0 AVerUpdateServer ( UnsignedFile.Multi.Generic ) - warning
9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C: \Windows\system32\Drivers\dfsc.sys 18:34:43.0649 0x06d0 DfsC - ok 18:34:43.0669 0x06d0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C: \Windows\system32\dhcpcore.dll 18:34:43.0699 0x06d0 Dhcp - ok 18:34:43.0779 0x06d0 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C: \Windows\system32\diagtrack.dll 18:34:43.0859 0x06d0 DiagTrack - ok 18:34:43.0889 0x06d0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C: \Windows\system32\drivers\discache.sys 18:34:43.0929 0x06d0 discache - ok 18:34:43.0969 0x06d0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C: \Windows\system32\drivers\disk.sys 18:34:43.0979 0x06d0 Disk - ok 18:34:44.0009 0x06d0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C: \Windows\system32\drivers\dmvsc.sys 18:34:44.0039 0x06d0 dmvsc - ok 18:34:44.0079 0x06d0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C: \Windows\System32\dnsrslvr.dll 18:34:44.0189 0x06d0 Dnscache - ok 18:34:44.0229 0x06d0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C: \Windows\System32\dot3svc.dll 18:34:44.0279 0x06d0 dot3svc - ok 18:34:44.0299 0x06d0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C: \Windows\system32\dps.dll 18:34:44.0339 0x06d0 DPS - ok 18:34:44.0379 0x06d0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C: \Windows\system32\drivers\drmkaud.sys 18:34:44.0389 0x06d0 drmkaud - ok 18:34:44.0439 0x06d0 
[ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C: \Windows\System32\drivers\dxgkrnl.sys 18:34:44.0479 0x06d0 DXGKrnl - ok 18:34:44.0509 0x06d0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C: \Windows\System32\eapsvc.dll 18:34:44.0549 0x06d0 EapHost - ok 18:34:44.0699 0x06d0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C: \Windows\system32\drivers\evbda.sys 18:34:44.0809 0x06d0 ebdrv - ok 18:34:44.0849 0x06d0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C: \Windows\System32\lsass.exe 18:34:44.0889 0x06d0 EFS - ok 18:34:44.0969 0x06d0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C: \Windows\ehome\ehRecvr.exe 18:34:45.0029 0x06d0 ehRecvr - ok 18:34:45.0029 0x06d0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C: \Windows\ehome\ehsched.exe 18:34:45.0069 0x06d0 ehSched - ok 18:34:45.0119 0x06d0 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C: \Windows\system32\Drivers\ElbyCDIO.sys 18:34:45.0159 0x06d0 ElbyCDIO - ok 18:34:45.0199 0x06d0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C: \Windows\system32\drivers\elxstor.sys 18:34:45.0239 0x06d0 elxstor - ok 18:34:45.0239 0x06d0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C: \Windows\system32\drivers\errdev.sys 18:34:45.0259 0x06d0 ErrDev - ok 18:34:45.0299 0x06d0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C: \Windows\system32\es.dll 18:34:45.0299 0x1b64 Object send P2P result: 
true 18:34:45.0349 0x06d0 EventSystem - ok 18:34:45.0379 0x06d0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C: \Windows\system32\drivers\exfat.sys 18:34:45.0429 0x06d0 exfat - ok 18:34:45.0449 0x06d0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C: \Windows\system32\drivers\fastfat.sys 18:34:45.0499 0x06d0 fastfat - ok 18:34:45.0539 0x06d0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C: \Windows\system32\fxssvc.exe 18:34:45.0649 0x06d0 Fax - ok 18:34:45.0659 0x06d0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C: \Windows\system32\drivers\fdc.sys 18:34:45.0679 0x06d0 fdc - ok 18:34:45.0709 0x06d0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C: \Windows\system32\fdPHost.dll 18:34:45.0749 0x06d0 fdPHost - ok 18:34:45.0759 0x06d0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C: \Windows\system32\fdrespub.dll 18:34:45.0799 0x06d0 FDResPub - ok 18:34:45.0819 0x06d0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C: \Windows\system32\drivers\fileinfo.sys 18:34:45.0849 0x06d0 FileInfo - ok 18:34:45.0849 0x06d0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C: \Windows\system32\drivers\filetrace.sys 18:34:45.0889 0x06d0 Filetrace - ok 18:34:45.0889 0x06d0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C: \Windows\system32\drivers\flpydisk.sys 18:34:45.0909 0x06d0 flpydisk - ok 18:34:45.0929 0x06d0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] 
FltMgr C: \Windows\system32\drivers\fltmgr.sys 18:34:45.0949 0x06d0 FltMgr - ok 18:34:46.0019 0x06d0 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C: \Windows\system32\FntCache.dll 18:34:46.0079 0x06d0 FontCache - ok 18:34:46.0139 0x06d0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C: \Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:34:46.0169 0x06d0 FontCache3.0.0.0 - ok 18:34:46.0169 0x06d0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C: \Windows\system32\drivers\FsDepends.sys 18:34:46.0189 0x06d0 FsDepends - ok 18:34:46.0219 0x06d0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C: \Windows\system32\drivers\Fs_Rec.sys 18:34:46.0229 0x06d0 Fs_Rec - ok 18:34:46.0259 0x06d0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C: \Windows\system32\DRIVERS\fvevol.sys 18:34:46.0279 0x06d0 fvevol - ok 18:34:46.0309 0x06d0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C: \Windows\system32\drivers\gagp30kx.sys 18:34:46.0339 0x06d0 gagp30kx - ok 18:34:46.0379 0x06d0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C: \Windows\System32\gpsvc.dll 18:34:46.0439 0x06d0 gpsvc - ok 18:34:46.0509 0x06d0 [ C8B54E81501386A91B0E0BD596965C9B, DC2580D45BA96C81C0BC005781BBB5E70652A1CAA637FE1B779AB538B040BB97 ] gzflt C: \Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0\gzflt.sys 18:34:46.0539 0x06d0 gzflt - ok 18:34:46.0549 0x06d0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C: \Windows\system32\drivers\hcw85cir.sys 18:34:46.0569 
0x06d0 hcw85cir - ok 18:34:46.0609 0x06d0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C: \Windows\system32\drivers\HdAudio.sys 18:34:46.0719 0x06d0 HdAudAddService - ok 18:34:46.0749 0x06d0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C: \Windows\system32\DRIVERS\HDAudBus.sys 18:34:46.0789 0x06d0 HDAudBus - ok 18:34:46.0819 0x06d0 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C: \Windows\system32\DRIVERS\HECIx64.sys 18:34:46.0839 0x06d0 HECIx64 - ok 18:34:46.0839 0x06d0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C: \Windows\system32\drivers\HidBatt.sys 18:34:46.0869 0x06d0 HidBatt - ok 18:34:46.0879 0x06d0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C: \Windows\system32\drivers\hidbth.sys 18:34:46.0899 0x06d0 HidBth - ok 18:34:46.0909 0x06d0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C: \Windows\system32\drivers\hidir.sys 18:34:46.0939 0x06d0 HidIr - ok 18:34:46.0959 0x06d0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C: \Windows\system32\hidserv.dll 18:34:46.0999 0x06d0 hidserv - ok 18:34:47.0029 0x06d0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C: \Windows\system32\drivers\hidusb.sys 18:34:47.0069 0x06d0 HidUsb - ok 18:34:47.0099 0x06d0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C: \Windows\system32\kmsvc.dll 18:34:47.0149 0x06d0 hkmsvc - ok 18:34:47.0169 0x06d0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] 
HomeGroupListener C: \Windows\system32\ListSvc.dll 18:34:47.0209 0x06d0 HomeGroupListener - ok 18:34:47.0229 0x06d0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C: \Windows\system32\provsvc.dll 18:34:47.0269 0x06d0 HomeGroupProvider - ok 18:34:47.0269 0x06d0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C: \Windows\system32\drivers\HpSAMD.sys 18:34:47.0289 0x06d0 HpSAMD - ok 18:34:47.0349 0x06d0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C: \Windows\system32\drivers\HTTP.sys 18:34:47.0399 0x06d0 HTTP - ok 18:34:47.0449 0x06d0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C: \Windows\system32\drivers\hwpolicy.sys 18:34:47.0459 0x06d0 hwpolicy - ok 18:34:47.0489 0x06d0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C: \Windows\system32\DRIVERS\i8042prt.sys 18:34:47.0519 0x06d0 i8042prt - ok 18:34:47.0559 0x06d0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C: \Windows\system32\drivers\iaStorV.sys 18:34:47.0599 0x06d0 iaStorV - ok 18:34:47.0679 0x06d0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C: \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:34:47.0769 0x06d0 idsvc - ok 18:34:47.0789 0x06d0 IEEtwCollectorService - ok 18:34:48.0119 0x06d0 [ 31569A2E836C12014148BF7342716946, 07DAEF864AF41E8669A6F2546967014C58898BD42C4C2FA1961F32311D083565 ] igfx C: \Windows\system32\DRIVERS\igdkmd64.sys 18:34:48.0439 0x06d0 igfx - ok 18:34:48.0509 0x06d0 [ D951D20153E51928F9DB2227D6FF5C7A, 8D49F3D85452C65D5188C9516E89631E718A07E34176CF6FA0B1E02D8C18ABDB ] IGRS C: \Program Files 
(x86)\Lenovo\ReadyComm\common\IGRS.exe 18:34:48.0559 0x06d0 IGRS - ok 18:34:48.0599 0x06d0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C: \Windows\system32\drivers\iirsp.sys 18:34:48.0609 0x06d0 iirsp - ok 18:34:48.0649 0x06d0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C: \Windows\System32\ikeext.dll 18:34:48.0699 0x06d0 IKEEXT - ok 18:34:48.0729 0x06d0 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C: \Windows\system32\DRIVERS\Impcd.sys 18:34:48.0759 0x06d0 Impcd - ok 18:34:48.0939 0x06d0 [ A3BCBD0F710580A07D1B929D787D36CE, D7608C1C2B2FF4DD0C4CEBC75594ADA35A6911A541ED5FF93AAB8610108E168A ] IntcAzAudAddService C: \Windows\system32\drivers\RTKVHD64.sys 18:34:49.0009 0x06d0 IntcAzAudAddService - ok 18:34:49.0039 0x06d0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C: \Windows\system32\drivers\intelide.sys 18:34:49.0049 0x06d0 intelide - ok 18:34:49.0399 0x06d0 [ 31569A2E836C12014148BF7342716946, 07DAEF864AF41E8669A6F2546967014C58898BD42C4C2FA1961F32311D083565 ] intelkmd C: \Windows\system32\DRIVERS\igdpmd64.sys 18:34:49.0709 0x06d0 intelkmd - ok 18:34:49.0759 0x06d0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C: \Windows\system32\DRIVERS\intelppm.sys 18:34:49.0769 0x06d0 intelppm - ok 18:34:49.0819 0x06d0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C: \Windows\system32\ipbusenum.dll 18:34:49.0909 0x06d0 IPBusEnum - ok 18:34:49.0929 0x06d0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C: \Windows\system32\DRIVERS\ipfltdrv.sys 18:34:49.0979 0x06d0 IpFilterDriver - ok 18:34:50.0029 0x06d0 [ 
08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C: \Windows\System32\iphlpsvc.dll 18:34:50.0069 0x06d0 iphlpsvc - ok 18:34:50.0079 0x06d0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C: \Windows\system32\drivers\IPMIDrv.sys 18:34:50.0099 0x06d0 IPMIDRV - ok 18:34:50.0099 0x06d0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C: \Windows\system32\drivers\ipnat.sys 18:34:50.0139 0x06d0 IPNAT - ok 18:34:50.0159 0x06d0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C: \Windows\system32\drivers\irenum.sys 18:34:50.0179 0x06d0 IRENUM - ok 18:34:50.0179 0x06d0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C: \Windows\system32\drivers\isapnp.sys 18:34:50.0199 0x06d0 isapnp - ok 18:34:50.0229 0x06d0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C: \Windows\system32\drivers\msiscsi.sys 18:34:50.0269 0x06d0 iScsiPrt - ok 18:34:50.0299 0x06d0 [ D98AE04F1AEDCFBCD5ACBCCCE4E6A6FF, DB24B495FADF9E1DA9635F16E147F29D7F55F0D1F14D785C6F39F2783D917409 ] JMCR C: \Windows\system32\DRIVERS\jmcr.sys 18:34:50.0309 0x06d0 JMCR - ok 18:34:50.0349 0x06d0 [ 0657D82DB51DC7885ADCCACF44F9152E, E0CF7563C7F9F51E0CD84042C1639D324D69BDD034956B8B185BE40994D90285 ] JmUsbCcgp C: \Windows\system32\DRIVERS\jmccgp.sys 18:34:50.0359 0x06d0 JmUsbCcgp - ok 18:34:50.0389 0x06d0 [ 336C3CFF23E447CDD898F0EE9DB952AE, EAE190232870021F5D90BD3A9DFBCA57A616FA446EF2C445C62314CFA45EAB71 ] JmUsbVideo C: \Windows\system32\Drivers\jmcam.sys 18:34:50.0399 0x06d0 JmUsbVideo - ok 18:34:50.0419 0x06d0 [ 54D19A4F522380FB59290382EFE758D3, BA5CD4C79E93B208B1E7C927C529DDF22E8BE3680552DBD893DE3D86EE812054 ] JmUsbVideo2 C: 
\Windows\system32\Drivers\jmcam_lo.sys 18:34:50.0429 0x06d0 JmUsbVideo2 - ok 18:34:50.0469 0x06d0 [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a C: \Windows\system32\DRIVERS\k57nd60a.sys 18:34:50.0489 0x06d0 k57nd60a - ok 18:34:50.0509 0x06d0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C: \Windows\system32\DRIVERS\kbdclass.sys 18:34:50.0539 0x06d0 kbdclass - ok 18:34:50.0539 0x06d0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C: \Windows\system32\drivers\kbdhid.sys 18:34:50.0569 0x06d0 kbdhid - ok 18:34:50.0589 0x06d0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C: \Windows\system32\lsass.exe 18:34:50.0609 0x06d0 KeyIso - ok 18:34:50.0639 0x06d0 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C: \Windows\system32\Drivers\ksecdd.sys 18:34:50.0689 0x06d0 KSecDD - ok 18:34:50.0709 0x06d0 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C: \Windows\system32\Drivers\ksecpkg.sys 18:34:50.0729 0x06d0 KSecPkg - ok 18:34:50.0739 0x06d0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C: \Windows\system32\drivers\ksthunk.sys 18:34:50.0779 0x06d0 ksthunk - ok 18:34:50.0829 0x06d0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C: \Windows\system32\msdtckrm.dll 18:34:50.0889 0x06d0 KtmRm - ok 18:34:50.0999 0x06d0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C: \Windows\system32\srvsvc.dll 18:34:51.0059 0x06d0 LanmanServer - ok 18:34:51.0089 0x06d0 [ 851A1382EED3E3A7476DB004F4EE3E1A, 
B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C: \Windows\System32\wkssvc.dll 18:34:51.0129 0x06d0 LanmanWorkstation - ok 18:34:51.0199 0x06d0 [ EF1075935CEF62BD9D499A9BB0752EFC, F2419F2A6E58C235AF8FDF548545203C8E2AE323EFDEEE4667E6F4D83BC4DCB2 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe 18:34:51.0229 0x06d0 LavasoftAdAwareService11 - ok 18:34:51.0289 0x06d0 [ 7FCB3EC66361F157BCD5B5C33CE2AC16, F4A96124AE0B4BEB1B7A8F7865B9FE474DD87B9C409681A2DDFAA3AADE562B13 ] Lenovo ReadyComm AppSvc C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe 18:34:51.0349 0x06d0 Lenovo ReadyComm AppSvc - ok 18:34:51.0369 0x06d0 [ 5287074E79E4BA82510886F684DC5F72, 76C884617FBDEBEE61B33997CA93C2A2B9B902692B84E2D897E56C54833CFD1E ] Lenovo ReadyComm ConnSvc C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe 18:34:51.0409 0x06d0 Lenovo ReadyComm ConnSvc - ok 18:34:51.0449 0x06d0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C: \Windows\system32\DRIVERS\lltdio.sys 18:34:51.0509 0x06d0 lltdio - ok 18:34:51.0539 0x06d0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C: \Windows\System32\lltdsvc.dll 18:34:51.0579 0x06d0 lltdsvc - ok 18:34:51.0599 0x06d0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C: \Windows\System32\lmhsvc.dll 18:34:51.0649 0x06d0 lmhosts - ok 18:34:51.0719 0x06d0 [ 5460828F8951D310B42B442877603B8D, B6F78F69EFFBD550D650C189A1295483C1F99FC406A10186F90818A8E53F82B8 ] LMS C: \Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:34:51.0769 0x06d0 LMS - ok 18:34:51.0799 0x06d0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C: \Windows\system32\drivers\lsi_fc.sys 18:34:51.0809 0x06d0 LSI_FC - 
ok 18:34:51.0819 0x06d0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C: \Windows\system32\drivers\lsi_sas.sys 18:34:51.0839 0x06d0 LSI_SAS - ok 18:34:51.0849 0x06d0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C: \Windows\system32\drivers\lsi_sas2.sys 18:34:51.0859 0x06d0 LSI_SAS2 - ok 18:34:51.0869 0x06d0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C: \Windows\system32\drivers\lsi_scsi.sys 18:34:51.0899 0x06d0 LSI_SCSI - ok 18:34:51.0919 0x06d0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C: \Windows\system32\drivers\luafv.sys 18:34:51.0959 0x06d0 luafv - ok 18:34:52.0079 0x06d0 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C: \Windows\system32\drivers\mbam.sys 18:34:52.0109 0x06d0 MBAMProtector - ok 18:34:52.0209 0x06d0 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C: \Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 18:34:52.0279 0x06d0 MBAMScheduler - ok 18:34:52.0319 0x06d0 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C: \Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 18:34:52.0379 0x06d0 MBAMService - ok 18:34:52.0409 0x06d0 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C: \Windows\system32\drivers\MBAMSwissArmy.sys 18:34:52.0429 0x06d0 MBAMSwissArmy - ok 18:34:52.0449 0x06d0 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C: \Windows\system32\drivers\mwac.sys 18:34:52.0459 0x06d0 MBAMWebAccessControl - ok 
18:34:52.0489 0x06d0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C: \Windows\system32\Mcx2Svc.dll 18:34:52.0529 0x06d0 Mcx2Svc - ok 18:34:52.0549 0x06d0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C: \Windows\system32\drivers\megasas.sys 18:34:52.0579 0x06d0 megasas - ok 18:34:52.0589 0x06d0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C: \Windows\system32\drivers\MegaSR.sys 18:34:52.0619 0x06d0 MegaSR - ok 18:34:52.0649 0x06d0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C: \Windows\system32\mmcss.dll 18:34:52.0689 0x06d0 MMCSS - ok 18:34:52.0689 0x06d0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C: \Windows\system32\drivers\modem.sys 18:34:52.0729 0x06d0 Modem - ok 18:34:52.0759 0x06d0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C: \Windows\system32\DRIVERS\monitor.sys 18:34:52.0779 0x06d0 monitor - ok 18:34:52.0799 0x06d0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C: \Windows\system32\DRIVERS\mouclass.sys 18:34:52.0819 0x06d0 mouclass - ok 18:34:52.0839 0x06d0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C: \Windows\system32\drivers\mouhid.sys 18:34:52.0849 0x06d0 mouhid - ok 18:34:52.0879 0x06d0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C: \Windows\system32\drivers\mountmgr.sys 18:34:52.0899 0x06d0 mountmgr - ok 18:34:52.0949 0x06d0 [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C: \Program Files 
(x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:34:53.0009 0x06d0 MozillaMaintenance - ok 18:34:53.0009 0x06d0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C: \Windows\system32\drivers\mpio.sys 18:34:53.0029 0x06d0 mpio - ok 18:34:53.0039 0x06d0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C: \Windows\system32\drivers\mpsdrv.sys 18:34:53.0169 0x06d0 mpsdrv - ok 18:34:53.0209 0x06d0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C: \Windows\system32\mpssvc.dll 18:34:53.0269 0x06d0 MpsSvc - ok 18:34:53.0299 0x06d0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C: \Windows\system32\drivers\mrxdav.sys 18:34:53.0329 0x06d0 MRxDAV - ok 18:34:53.0369 0x06d0 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C: \Windows\system32\DRIVERS\mrxsmb.sys 18:34:53.0409 0x06d0 mrxsmb - ok 18:34:53.0439 0x06d0 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C: \Windows\system32\DRIVERS\mrxsmb10.sys 18:34:53.0479 0x06d0 mrxsmb10 - ok 18:34:53.0499 0x06d0 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C: \Windows\system32\DRIVERS\mrxsmb20.sys 18:34:53.0529 0x06d0 mrxsmb20 - ok 18:34:53.0549 0x06d0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C: \Windows\system32\drivers\msahci.sys 18:34:53.0569 0x06d0 msahci - ok 18:34:53.0589 0x06d0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C: \Windows\system32\drivers\msdsm.sys 18:34:53.0609 0x06d0 msdsm - ok 18:34:53.0619 0x06d0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 
18:35:07.0879 0x06d0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C: \Windows\system32\wbengine.exe 18:35:07.0939 0x06d0 wbengine - ok 18:35:07.0959 0x06d0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C: \Windows\System32\wbiosrvc.dll 18:35:07.0979 0x139c Object send P2P result: true 18:35:07.0989 0x139c Object required for P2P: [ EF1075935CEF62BD9D499A9BB0752EFC ] LavasoftAdAwareService11 18:35:07.0999 0x06d0 WbioSrvc - ok 18:35:08.0019 0x06d0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C: \Windows\System32\wcncsvc.dll 18:35:08.0049 0x06d0 wcncsvc - ok 18:35:08.0099 0x06d0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C: \Windows\System32\WcsPlugInService.dll 18:35:08.0139 0x06d0 WcsPlugInService - ok 18:35:08.0149 0x06d0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C: \Windows\system32\drivers\wd.sys 18:35:08.0189 0x06d0 Wd - ok 18:35:08.0239 0x06d0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C: \Windows\system32\drivers\Wdf01000.sys 18:35:08.0279 0x06d0 Wdf01000 - ok 18:35:08.0309 0x06d0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C: \Windows\system32\wdi.dll 18:35:08.0349 0x06d0 WdiServiceHost - ok 18:35:08.0349 0x06d0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C: \Windows\system32\wdi.dll 18:35:08.0379 0x06d0 WdiSystemHost - ok 18:35:08.0419 0x06d0 [ 2A444ACF7DD446505BCC801F8F6AE5FD, A257CBA8D1B96D4E8C2085DB5D28C5D4FFA64767ABA5FE764F1AA2697D0E994B ] wdmirror C: \Windows\system32\DRIVERS\WDMirror.sys 18:35:08.0429 
0x06d0 wdmirror - ok 18:35:08.0469 0x06d0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C: \Windows\System32\webclnt.dll 18:35:08.0509 0x06d0 WebClient - ok 18:35:08.0529 0x06d0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C: \Windows\system32\wecsvc.dll 18:35:08.0579 0x06d0 Wecsvc - ok 18:35:08.0599 0x06d0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C: \Windows\System32\wercplsupport.dll 18:35:08.0639 0x06d0 wercplsupport - ok 18:35:08.0659 0x06d0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C: \Windows\System32\WerSvc.dll 18:35:08.0699 0x06d0 WerSvc - ok 18:35:08.0749 0x06d0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C: \Windows\system32\DRIVERS\wfplwf.sys 18:35:08.0779 0x06d0 WfpLwf - ok 18:35:08.0799 0x06d0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C: \Windows\system32\drivers\wimmount.sys 18:35:08.0819 0x06d0 WIMMount - ok 18:35:08.0839 0x06d0 WinDefend - ok 18:35:08.0849 0x06d0 WinHttpAutoProxySvc - ok 18:35:08.0919 0x06d0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C: \Windows\system32\wbem\WMIsvc.dll 18:35:08.0989 0x06d0 Winmgmt - ok 18:35:09.0059 0x06d0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C: \Windows\system32\WsmSvc.dll 18:35:09.0199 0x06d0 WinRM - ok 18:35:09.0279 0x06d0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C: \Windows\system32\DRIVERS\WinUsb.sys 18:35:09.0309 0x06d0 WinUsb - ok 18:35:09.0399 0x06d0 [ 03D0E68C049D84BDF9629423901C8E85, 
399976627B44FAD5F9CA74FD3C5634DCEAA4E85044743340777C8F67F0BB2433 ] WiseBootAssistant C: \Program Files (x86)\Wise\Wise Care 365\BootTime.exe 18:35:09.0529 0x06d0 WiseBootAssistant - ok 18:35:09.0559 0x06d0 [ 96CC61325A387239C1AD3656F9313DEE, 8016B87E57AE3D507D62EE09122A53AD1D3AD9265D0FDF98DCA836295A09D0B5 ] WiseHDInfo C: \Windows\WiseHDInfo64.dll 18:35:09.0569 0x06d0 WiseHDInfo - ok 18:35:09.0619 0x06d0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C: \Windows\System32\wlansvc.dll 18:35:09.0659 0x06d0 Wlansvc - ok 18:35:09.0689 0x06d0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C: \Windows\system32\DRIVERS\wmiacpi.sys 18:35:09.0709 0x06d0 WmiAcpi - ok 18:35:09.0739 0x06d0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C: \Windows\system32\wbem\WmiApSrv.exe 18:35:09.0759 0x06d0 wmiApSrv - ok 18:35:09.0779 0x06d0 WMPNetworkSvc - ok 18:35:09.0789 0x06d0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C: \Windows\System32\wpcsvc.dll 18:35:09.0809 0x06d0 WPCSvc - ok 18:35:09.0829 0x06d0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C: \Windows\system32\wpdbusenum.dll 18:35:09.0849 0x06d0 WPDBusEnum - ok 18:35:09.0859 0x06d0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C: \Windows\system32\drivers\ws2ifsl.sys 18:35:09.0899 0x06d0 ws2ifsl - ok 18:35:09.0919 0x06d0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C: \Windows\System32\wscsvc.dll 18:35:09.0939 0x06d0 wscsvc - ok 18:35:09.0949 0x06d0 WSearch - ok 18:35:10.0069 0x06d0 [ 6075791ED85E47A2A2916B1F34582944, 
25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C: \Windows\system32\wuaueng.dll 18:35:10.0149 0x06d0 wuauserv - ok 18:35:10.0259 0x06d0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C: \Windows\system32\drivers\WudfPf.sys 18:35:10.0299 0x06d0 WudfPf - ok 18:35:10.0339 0x06d0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C: \Windows\system32\DRIVERS\WUDFRd.sys 18:35:10.0369 0x06d0 WUDFRd - ok 18:35:10.0399 0x06d0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C: \Windows\System32\WUDFSvc.dll 18:35:10.0419 0x06d0 wudfsvc - ok 18:35:10.0449 0x06d0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C: \Windows\System32\wwansvc.dll 18:35:10.0469 0x06d0 WwanSvc - ok 18:35:10.0479 0x139c Object send P2P result: true 18:35:10.0499 0x06d0 ================ Scan global =============================== 18:35:10.0519 0x06d0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows \system32\basesrv.dll 18:35:10.0549 0x06d0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows \system32\winsrv.dll 18:35:10.0559 0x06d0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows \system32\winsrv.dll 18:35:10.0589 0x06d0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows \system32\sxssrv.dll 18:35:10.0629 0x06d0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows \system32\services.exe 18:35:10.0639 0x06d0 [ Global ] - ok 18:35:10.0639 0x06d0 ================ Scan MBR ================================== 18:35:10.0649 
0x06d0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:35:10.0979 0x06d0 \Device\Harddisk0\DR0 - ok 18:35:10.0979 0x06d0 ================ Scan VBR ================================== 18:35:10.0979 0x06d0 [ CC03715B0503B5D507EC4784F48F362E ] \Device\Harddisk0\DR0\Partition1 18:35:11.0049 0x06d0 \Device\Harddisk0\DR0\Partition1 - ok 18:35:11.0059 0x06d0 [ 040E2EA451FB7094C652B493CA498E15 ] \Device\Harddisk0\DR0\Partition2 18:35:11.0129 0x06d0 \Device\Harddisk0\DR0\Partition2 - ok 18:35:11.0139 0x06d0 [ 0E04F2C4FE0A8C19E7F2FE32E669256A ] \Device\Harddisk0\DR0\Partition3 18:35:11.0209 0x06d0 \Device\Harddisk0\DR0\Partition3 - ok 18:35:11.0219 0x06d0 [ 5C38A7CE5EB7087AA38C32348226F20A ] \Device\Harddisk0\DR0\Partition4 18:35:11.0359 0x06d0 \Device\Harddisk0\DR0\Partition4 - ok 18:35:11.0359 0x06d0 ================ Scan generic autorun ====================== 18:35:11.0679 0x06d0 [ 6D04467A68BFE25748575DF36638418F, 02CB1850D4286C8D6A6716002088D0F97497AFE193405062427657174395D42D ] C:\Program Files\Realtek \Audio\HDA\RAVCpl64.exe 18:35:11.0969 0x06d0 RtHDVCpl - ok 18:35:12.0059 0x06d0 [ 46A4C211E4F3C7A1F93C6062B788D27F, D1D101C67D168700AFA33DE438B37D05A2996170B8115787F95AAD4479442DB0 ] C:\Program Files\Realtek \Audio\HDA\RAVBg64.exe 18:35:12.0099 0x06d0 RtHDVBg - ok 18:35:12.0099 0x06d0 SynTPEnh - ok 18:35:12.0099 0x06d0 SynBtnAsst - ok 18:35:12.0139 0x06d0 [ 76E56EE1921C5DE8C69AAF2220272A9F, 1B178E48A85D5D5A9B8A2D081C7DB550E5E0117F9F3DE21A97201E578A72CF64 ] C:\Windows \system32\igfxtray.exe 18:35:12.0149 0x06d0 IgfxTray - ok 18:35:12.0169 0x06d0 [ A683CA4604AF97CB44838EAB81531CB3, C1F6A678E68161ACC0AC143BADD74063F4A9EB22281B799F30BAC5A918418505 ] C:\Windows \system32\hkcmd.exe 18:35:12.0209 0x06d0 HotKeysCmds - ok 18:35:12.0219 0x06d0 [ 34C90ABFE83BFECC78B96A85495AA123, 4EDC681B7A188B4A3EB6438BB8C2C39C1D6C823A88CD9017E30469F1E8938C19 ] C:\Windows \system32\igfxpers.exe 18:35:12.0249 0x06d0 Persistence - ok 18:35:12.0529 0x06d0 [ 
BA6517EFB58211F7099DA96B52E2AB99, 8373D24FACABA09CA38AC32D7D5AE934FB5321F455C45D61374BC9CD38FA766F ] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe 18:35:12.0649 0x06d0 EnergyUtility - ok 18:35:12.0849 0x06d0 [ 1C355B3B3DA5AA2FD2C8887F43799F4E, 13669D5F8376909744F1E2FE1A525095386E5F0E25B6B06A24643E1B5F59BC3A ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe 18:35:13.0019 0x06d0 Energy Management - ok 18:35:13.0109 0x06d0 [ 1E2FECB9A6D4C969A3CFDD2A3BDB2824, A3D01DB0413CB83624A58A93F51A09DE6D7580F12CDA23E49ED1AD9CE49AC68C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 18:35:13.0309 0x06d0 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 18:35:15.0729 0x06d0 Detect skipped due to KSN trusted 18:35:15.0729 0x06d0 StartCCC - ok 18:35:15.0789 0x06d0 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe 18:35:15.0859 0x06d0 UCam_Menu - ok 18:35:15.0879 0x06d0 [ 829669A1818EDE521DE3E89C0FCD01F5, 9B04BB20F0FED9703ABF9C975C4910B69CB218428FD92FFEC7C049DEB4E49D49 ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe 18:35:15.0919 0x06d0 YouCam Mirror Tray icon - detected UnsignedFile.Multi.Generic ( 1 ) 18:35:18.0329 0x06d0 Detect skipped due to KSN trusted 18:35:18.0329 0x06d0 YouCam Mirror Tray icon - ok 18:35:18.0399 0x06d0 [ DFC2F8E34E5D4C9C8EF88353B8457A45, 49C25AEBF09B13D7BE218332129E50A1DFF01F40D04FE36256E82926C93E8078 ] C:\Program Files (x86)\PDF24\pdf24.exe 18:35:18.0459 0x06d0 PDFPrint - ok 18:35:18.0519 0x06d0 [ 2B282A4050FE3B4B70EF9E3070BBFF78, 019B667781F5CE411AEB569EAA4095FA2B9942E43A6A1DFC6EEBB2DA214131FE ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe 18:35:19.0019 0x06d0 FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 ) 18:35:21.0429 0x06d0 Detect skipped due to KSN trusted 18:35:21.0429 0x06d0 FreePDF Assistant - ok 18:35:21.0489 0x06d0 [ 
FBC68240012DBECE2D80E28A0CE92864, 0533F82DD232FB89475764BC000B876A16ED70603C7D427994A45944C6BC8115 ] C:\PROGRAM FILES (X86)\FAXTALK COMMUNICATOR\FTCtrl32.exe 18:35:21.0519 0x06d0 CallControl 4.7 - detected UnsignedFile.Multi.Generic ( 1 ) 18:35:23.0929 0x06d0 CallControl 4.7 ( UnsignedFile.Multi.Generic ) - warning 18:35:26.0389 0x06d0 [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 18:35:26.0509 0x06d0 SunJavaUpdateSched - ok 18:35:26.0559 0x06d0 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 18:35:26.0599 0x06d0 VirtualCloneDrive - ok 18:35:26.0729 0x06d0 [ B9261C796FBFEF94857E64A1763A145E, 1836738C5FF56EAB1F2591E8DB8C50A89662573E7BD1A36FB5E678BE19919FD0 ] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe 18:35:26.0819 0x06d0 NBAgent - ok 18:35:26.0869 0x06d0 [ 7733088C1C9AF0D59A2E18095687AD0A, 79F82FEB231BACB849DD1D95B84B40731E3276202B489003038DE15AA765B65F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 18:35:26.0939 0x06d0 Avira SystrayStartTrigger - ok 18:35:27.0029 0x06d0 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 18:35:27.0069 0x06d0 avgnt - ok 18:35:27.0169 0x06d0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:35:27.0279 0x06d0 Sidebar - ok 18:35:27.0309 0x06d0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows \System32\mctadmin.exe 18:35:27.0349 0x06d0 mctadmin - ok 18:35:27.0379 0x06d0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program 
Files (x86)\Windows Sidebar\Sidebar.exe 18:35:27.0419 0x06d0 Sidebar - ok 18:35:27.0419 0x06d0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows \System32\mctadmin.exe 18:35:27.0449 0x06d0 mctadmin - ok 18:35:28.0039 0x06d0 [ 40335C8877B6B84842AF03A40E1BB206, 33433ED8961B1AEEBD30F8DD53A541C711C403D019F1074406FF9C9D1E9F4113 ] C:\Program Files \CCleaner\CCleaner64.exe 18:35:28.0299 0x06d0 CCleaner Monitoring - ok 18:35:28.0509 0x06d0 [ 40335C8877B6B84842AF03A40E1BB206, 33433ED8961B1AEEBD30F8DD53A541C711C403D019F1074406FF9C9D1E9F4113 ] C:\Program Files \CCleaner\CCleaner64.exe 18:35:28.0709 0x06d0 CCleaner Monitoring - ok 18:35:28.0719 0x06d0 Waiting for KSN requests completion. In queue: 11 18:35:29.0719 0x06d0 Waiting for KSN requests completion. In queue: 11 18:35:30.0719 0x06d0 Waiting for KSN requests completion. In queue: 11 18:35:31.0129 0x1da0 Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 18:35:31.0719 0x06d0 Waiting for KSN requests completion. In queue: 11 18:35:32.0719 0x06d0 Waiting for KSN requests completion. 
18:35:33.0699 0x1da0 Object send P2P result: true
18:35:34.0209 0x06d0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:35:34.0289 0x06d0 AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x41000 ( enabled : updated )
18:35:34.0299 0x06d0 FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareSecurityCenter.exe ( 11.9.696.8769 ), 0x41010 ( enabled )
18:35:36.0679 0x06d0 ============================================================
18:35:36.0679 0x06d0 Scan finished
18:35:36.0679 0x06d0 ============================================================
18:35:36.0689 0x1048 Detected object count: 2
18:35:36.0689 0x1048 Actual detected object count: 2
18:39:45.0291 0x1048 AVerUpdateServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:39:45.0291 0x1048 AVerUpdateServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:39:45.0291 0x1048 CallControl 4.7 ( UnsignedFile.Multi.Generic ) - skipped by user
18:39:45.0291 0x1048 CallControl 4.7 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
08.01.2016, 16:21 | #6 | |
/// TB Trainer | External access trojan, PUP.Optional.MindSpake? Hi, I have a question (no offense meant, it is just for my own understanding): Do you actually read my instructions carefully, or do you do things the way you see fit? Unfortunately, it seems to be rather the latter. Please note: Quote:
1. Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are designed for that. It also makes it very easy to remove all the tools used at the end of the cleanup. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.
2. All programs must be run as administrator, since only then can a cleanup succeed. Without administrator rights we have hardly any chance here.
Run FRST and TDSS-Killer again, observing the points mentioned above. |
12.01.2016, 14:11 | #7 |
/// TB Trainer | External access trojan, PUP.Optional.MindSpake? No response. This topic has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean. Everyone else, please click here and create your own thread! |