Windows 7 Professional: Browser infected with malware: "klicken sie hier um weiter mit advertise"
17.05.2016, 09:15 | #1 |
Hello, I have a problem that has already been dealt with several times here in the forum. But since you repeatedly point out that one should not simply do what is written in other threads about the same problem, here is my own request for help: As soon as I am on any web page in Firefox, certain words are turned into advertising links. As soon as I hover the cursor over one, I get the message 'Klicken Sie hier um weiter mit Advertise'. How do I get this problem solved? I use Avira, and my system is Windows 7 Professional 64-bit. Thank you very much for your help! Regards, Jonas |
17.05.2016, 09:36 | #2 |
/// TB-Ausbilder | My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! For the initial analysis, please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
17.05.2016, 10:26 | #3 |
frst.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016 durchgeführt von ThinkPad User (Administrator) auf T510 (17-05-2016 11:14:31) Gestartet von C:\Users\ThinkPad User\Downloads Geladene Profile: ThinkPad User (Verfügbare Profile: ThinkPad User) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Broadcom Corporation.) 
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe () C:\Windows\SysWOW64\srvany.exe () C:\Windows\KMService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Dropbox, Inc.) C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Intel Corporation) C:\Windows\System32\igfxext.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\ThinkPad User\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\ThinkPad User\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\ThinkPad User\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\ThinkPad User\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\ThinkPad User\AppData\Roaming\Spotify\Spotify.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [TpShocks] => C:\Windows\SYSTEM32\TpShocks.exe [380776 2009-12-11] (Lenovo.) 
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo) HKLM\...\Run: [cssauth] => C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [5990200 2011-06-10] (Lenovo Group Limited) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\Run: [Dropbox Update] => C:\Users\ThinkPad User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.) 
HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\Run: [Spotify Web Helper] => C:\Users\ThinkPad User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-16] (Spotify Ltd) HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: D - D:\autorun.exe HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: {0dc5cc77-aeb0-11e2-9ee2-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: {33c8d0a4-1484-11e6-9a28-806e6f6e6963} - D:\autorun.exe HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: {33c8d2b1-1484-11e6-9a28-f0def13adc6d} - D:\autorun.exe HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: {4472f0e9-1833-11e6-b869-f0def13adc6d} - D:\autorun.exe HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\MountPoints2: {4472f0ed-1833-11e6-b869-f0def13adc6d} - D:\autorun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-27] (Microsoft Corporation) Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad 
User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-09-10] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\ThinkPad User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-11] ShortcutTarget: Dropbox.lnk -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{113E9948-7F55-4BB1-A36A-19874BD76303}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{161F6716-3764-4C40-B02D-CAD864DCF8F0}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{271C5128-43B3-480A-A87B-3957A2C01E2D}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM -> DefaultScope {D6E03BDC-869B-4B04-A6F8-09FE6F9E35DB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox; SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D6E03BDC-869B-4B04-A6F8-09FE6F9E35DB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox; SearchScopes: HKLM-x32 -> DefaultScope {833EF57C-4A46-4234-B197-114A2A42D0D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox; SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {833EF57C-4A46-4234-B197-114A2A42D0D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox; SearchScopes: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000 -> DefaultScope {D6E03BDC-869B-4B04-A6F8-09FE6F9E35DB} URL = SearchScopes: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000 -> 
{D6E03BDC-869B-4B04-A6F8-09FE6F9E35DB} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll => Keine Datei BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL => Keine Datei BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2011-06-10] (Lenovo Group Limited) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SYSTEM32\mscoree.dll [2010-11-05] (Microsoft 
Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation) Toolbar: HKLM - Lenovo ThinkVantage Toolbox - {D5F11930-C4B8-4248-88C3-43621271B3FA} - C:\Program Files\PC-Doctor\ATLPcdToolbar.dll [2009-11-14] (PC-Doctor, Inc.) Toolbar: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SYSTEM32\mscoree.dll [2010-11-05] (Microsoft Corporation) Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL Keine Datei FireFox: ======== FF ProfilePath: C:\Users\ThinkPad User\AppData\Roaming\Mozilla\Firefox\Profiles\s52zlof5.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF 
Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-1267542494-2412197620-3535893226-1000: @acestream.net/acestreamplugin,version=3.0.11 -> C:\Users\ThinkPad User\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies) FF Extension: AS Magic Player - C:\Users\ThinkPad 
User\AppData\Roaming\Mozilla\Firefox\Profiles\s52zlof5.default\extensions\magicplayer_unlisted@acestream.org [2016-02-07] FF Extension: Avira Browser Safety - C:\Users\ThinkPad User\AppData\Roaming\Mozilla\Firefox\Profiles\s52zlof5.default\Extensions\abs@avira.com [2016-05-13] FF Extension: Adblock Plus - C:\Users\ThinkPad User\AppData\Roaming\Mozilla\Firefox\Profiles\s52zlof5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-07] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-13] (Avira Operations GmbH & Co. KG) S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.) 
S4 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448 2011-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] S4 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072 2011-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] () R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert] S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (QUALCOMM, Inc.) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [985280 2015-08-12] (@ByELDI) [Datei ist nicht signiert] S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [Datei ist nicht signiert] S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-06] (Lenovo Group Limited) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-15] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-13] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert] R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation) S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbim7_x64.sys [209920 2015-08-16] (MBB) [Datei ist nicht signiert] S3 qcfilterlno2k; C:\Windows\System32\DRIVERS\qcfilterlno2k.sys [6400 2009-12-08] (QUALCOMM Incorporated) S3 qcusbnetlno2k; C:\Windows\System32\DRIVERS\qcusbnetlno2k.sys [444416 2011-05-23] (QUALCOMM Incorporated) S3 qcusbserlno2k; C:\Windows\System32\DRIVERS\qcusbserlno2k.sys [231040 2011-05-23] (QUALCOMM Incorporated) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [12728 2009-09-30] () R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.) S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [82944 2015-08-16] (MBB) [Datei ist nicht signiert] S3 PCDSRVC{184E4FA0-DE8C26D4-06000000}_0; \??\c:\progra~1\pc-doc~1\pcdsrvc_x64.pkms [X] S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-17 11:14 - 2016-05-17 11:15 - 00026006 _____ C:\Users\ThinkPad User\Downloads\FRST.txt
2016-05-17 11:13 - 2016-05-17 11:14 - 00000000 ____D C:\FRST
2016-05-17 11:13 - 2016-05-17 11:13 - 02382336 _____ (Farbar) C:\Users\ThinkPad User\Downloads\FRST64.exe
2016-05-16 11:38 - 2016-05-16 11:38 - 00849656 _____ C:\Users\ThinkPad User\Downloads\Zooschule_DINlang_web.pdf
2016-05-13 18:05 - 2016-05-13 18:05 - 00000000 ____D C:\eb20661e3abd7c1a042d0889
2016-05-13 12:24 - 2016-05-13 12:24 - 00000000 ____D C:\ProgramData\WEBREG
2016-05-13 12:23 - 2016-05-13 12:35 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\HP
2016-05-13 12:23 - 2016-05-13 12:23 - 00000000 ____D C:\Users\ThinkPad User\AppData\Local\HP
2016-05-13 12:03 - 2016-05-13 12:03 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-05-13 12:03 - 2016-05-13 12:03 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\HpUpdate
2016-05-13 11:57 - 2016-05-15 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-13 11:57 - 2016-05-13 11:57 - 00002006 _____ C:\Users\Public\Desktop\HP ePrinterCenter.lnk
2016-05-13 11:54 - 2016-05-15 10:57 - 00000000 ____D C:\Program Files (x86)\HP
2016-05-13 11:54 - 2009-10-21 15:39 - 00138752 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l101.dll
2016-05-13 11:50 - 2016-05-13 11:50 - 00000000 ____D C:\Program Files\HP
2016-05-13 11:49 - 2016-05-14 17:52 - 00000000 ____D C:\ProgramData\HP
2016-05-13 11:49 - 2016-05-13 12:23 - 00231610 _____ C:\Windows\hpoins47.dat
2016-05-13 11:49 - 2009-12-02 01:00 - 00000601 ____N C:\Windows\hpomdl47.dat
2016-05-13 11:49 - 2009-10-22 16:55 - 00643200 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2016-05-13 11:49 - 2009-09-11 09:44 - 01408000 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p04b.dll
2016-05-13 11:49 - 2009-09-11 09:44 - 01175552 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p04b.dll
2016-05-13 11:49 - 2009-09-11 09:44 - 00521216 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p04a.dll
2016-05-13 11:44 - 2016-05-13 11:46 - 152705624 _____ C:\Users\ThinkPad User\Downloads\PS_AIO_07_B110_USW_Full_Win_WW_140_126-4(1).exe
2016-05-13 11:43 - 2016-05-13 11:43 - 00000104 _____ C:\Users\ThinkPad User\Downloads\PS_AIO_07_B110_USW_Full_Win_WW_140_126-4.exe
2016-05-13 11:25 - 2016-05-13 11:25 - 06179278 _____ C:\Users\ThinkPad User\Downloads\[A-70-709] Secretary-General's Report for WHS.pdf
2016-05-13 11:24 - 2016-05-13 11:25 - 00770448 _____ C:\Users\ThinkPad User\Downloads\[HLP Report] Too important to fail—addressing the humanitarian financing gap.pdf
2016-05-13 11:24 - 2016-05-13 11:24 - 01809732 _____ C:\Users\ThinkPad User\Downloads\Restoring Humanity_ Synthesis of the Consultation Process for the World Humanitarian Summit.pdf
2016-05-13 11:24 - 2016-05-13 11:24 - 00071870 _____ C:\Users\ThinkPad User\Downloads\WHS Synthesis Report Executive Summary.pdf
2016-05-13 07:53 - 2016-05-13 07:53 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-11 23:58 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 23:58 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 23:58 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 23:58 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 23:58 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 23:58 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 23:58 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 23:58 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 23:58 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 23:58 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 23:58 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 23:58 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 23:58 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 23:58 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 23:58 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 23:58 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 23:58 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 23:58 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 23:58 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 23:58 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 23:58 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 23:58 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 23:58 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 23:58 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 23:58 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 23:58 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 23:58 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 23:58 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 23:58 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 23:58 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 23:58 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 23:58 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 23:58 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 23:58 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 23:58 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 23:58 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 23:58 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 23:58 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 23:58 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 23:58 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 23:58 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 23:58 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 23:58 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 23:58 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 23:58 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 23:58 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 23:58 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 23:58 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 23:58 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 23:58 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 23:58 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 23:58 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 23:58 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 23:58 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 23:58 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 23:58 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 23:58 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 23:58 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 23:58 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 23:58 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 23:58 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 23:57 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 23:57 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 23:57 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 23:57 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 23:57 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 23:57 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 23:57 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 23:57 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 23:57 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 23:57 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 23:57 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 23:57 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 23:57 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 23:57 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 23:57 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 23:57 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 23:57 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 23:57 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 23:56 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 23:56 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 23:56 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 23:56 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-11 23:56 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 23:56 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 23:56 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 23:56 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 23:56 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 23:56 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 23:56 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 23:56 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 23:56 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 23:56 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 23:56 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 23:56 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 23:56 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 23:56 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 23:56 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 23:56 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 23:56 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 23:56 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 23:56 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 23:56 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 23:56 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 23:56 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 23:56 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 23:56 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 23:02 - 2016-05-11 23:02 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-07 22:02 - 2016-05-09 20:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 21:26 - 2016-05-07 21:29 - 00000000 ____D C:\ProgramData\HandSetService
2016-05-07 21:26 - 2016-05-07 21:26 - 00001006 _____ C:\Users\Public\Desktop\HiSuite.lnk
2016-05-07 21:26 - 2016-05-07 21:26 - 00000000 ____D C:\Users\ThinkPad User\Documents\HiSuite
2016-05-07 21:26 - 2016-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2016-05-07 21:26 - 2016-05-07 21:26 - 00000000 ____D C:\ProgramData\HiSuiteOuc
2016-05-07 21:25 - 2016-02-16 11:04 - 02152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2016-05-07 21:25 - 2016-02-16 11:04 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2016-05-07 21:25 - 2016-02-16 11:04 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2016-05-07 21:25 - 2016-02-16 11:04 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2016-05-07 21:25 - 2016-02-16 11:04 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2016-05-07 21:25 - 2016-02-16 11:04 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2016-05-07 21:25 - 2016-02-16 11:04 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2016-05-07 21:25 - 2016-02-16 11:04 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-05-07 21:25 - 2016-02-16 11:04 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2016-05-07 21:11 - 2016-05-07 21:26 - 00000000 ____D C:\Program Files (x86)\HiSuite
2016-05-07 21:09 - 2016-05-07 21:29 - 00000000 ____D C:\Users\ThinkPad User\AppData\Local\Hisuite
2016-05-07 21:03 - 2016-05-07 21:04 - 26408013 _____ C:\Users\ThinkPad User\Downloads\hisuite_4.0.4.204.rar
2016-04-19 21:33 - 2016-05-08 17:04 - 00000000 ____D C:\Users\ThinkPad User\Desktop\Ecuador

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-17 11:15 - 2015-10-29 23:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-17 11:11 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-17 11:11 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-17 10:48 - 2015-06-20 15:14 - 00001256 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000UA.job 2016-05-17 10:25 - 2015-02-25 23:46 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\Skype 2016-05-17 10:04 - 2015-02-26 08:59 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\Spotify 2016-05-17 10:02 - 2015-06-20 15:14 - 00001204 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000Core.job 2016-05-17 09:58 - 2013-04-27 08:57 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{84BF4266-E12A-4983-9527-1C1D992F97F9} 2016-05-16 22:25 - 2015-02-26 09:35 - 00000000 ____D C:\Users\ThinkPad User\AppData\Local\Spotify 2016-05-16 19:57 - 2016-03-15 09:21 - 00012066 _____ C:\Users\ThinkPad User\Desktop\offene bestellungen.xlsx 2016-05-16 19:08 - 2013-04-26 22:50 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2016-05-16 19:01 - 2015-03-09 20:52 - 00000000 ___RD C:\Users\ThinkPad User\Dropbox 2016-05-16 18:57 - 2013-04-26 22:54 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-16 18:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-16 17:10 - 2015-03-09 22:11 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\.ACEStream 2016-05-16 12:00 - 2013-04-26 22:49 - 00000340 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2016-05-15 00:57 - 2015-02-26 22:46 - 00000000 ____D C:\Users\ThinkPad User\AppData\Local\Last.fm 2016-05-14 19:58 - 2015-07-02 01:04 - 00000000 ____D C:\ProgramData\Oracle 2016-05-14 19:38 - 2009-07-14 05:20 - 00000000 ____D 
C:\Windows\rescache 2016-05-14 19:05 - 2015-03-09 22:12 - 00000000 ___HD C:\_acestream_cache_ 2016-05-14 18:35 - 2015-07-02 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-14 18:35 - 2013-04-27 10:08 - 00000000 ____D C:\Program Files (x86)\Java 2016-05-14 18:34 - 2015-09-04 20:12 - 00000000 ____D C:\Users\ThinkPad User\.oracle_jre_usage 2016-05-14 18:33 - 2013-04-27 10:08 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-05-14 18:17 - 2013-04-26 14:27 - 00111536 _____ C:\Users\ThinkPad User\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-14 18:14 - 2013-04-26 23:17 - 00699666 _____ C:\Windows\system32\perfh007.dat 2016-05-14 18:14 - 2013-04-26 23:17 - 00149774 _____ C:\Windows\system32\perfc007.dat 2016-05-14 18:14 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-14 18:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-05-14 18:08 - 2009-07-14 06:45 - 00434712 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-14 18:03 - 2015-02-27 08:28 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-14 18:03 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-14 17:53 - 2015-02-25 09:47 - 00000000 ____D C:\Users\ThinkPad User\Documents\Rezepte 2016-05-14 12:03 - 2015-02-27 04:03 - 00000000 ____D C:\Windows\system32\MRT 2016-05-14 11:34 - 2013-04-26 15:48 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-14 11:14 - 2015-06-26 22:28 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-13 17:44 - 2016-02-11 05:41 - 00000000 ____D C:\Users\ThinkPad User\Desktop\Arche noVa 2016-05-13 12:49 - 2015-09-05 08:15 - 00001149 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-05-13 12:48 - 2015-06-26 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-13 12:23 - 2013-04-26 22:45 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute 2016-05-13 12:23 - 2009-07-14 04:34 - 
00000513 _____ C:\Windows\win.ini 2016-05-13 10:45 - 2015-06-26 22:37 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-05-13 10:45 - 2015-06-26 22:37 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-05-13 07:53 - 2015-10-29 23:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-05-13 07:53 - 2015-02-26 00:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-13 07:53 - 2015-02-26 00:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-12 15:06 - 2015-02-25 09:47 - 00000000 ____D C:\Users\ThinkPad User\Documents\Musik 2016-05-11 23:02 - 2015-03-09 20:49 - 00000000 ____D C:\Users\ThinkPad User\AppData\Roaming\Dropbox 2016-05-09 20:24 - 2015-02-25 23:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-09 08:43 - 2015-04-04 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-09 08:43 - 2015-04-04 03:01 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-07 21:29 - 2013-04-26 22:44 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2016-05-07 21:25 - 2014-09-10 15:36 - 00003020 _____ C:\Windows\System32\Tasks\PMTask 2016-05-07 21:24 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media 2016-04-21 22:10 - 2009-07-14 07:08 - 00032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-18 21:12 - 2015-02-25 09:48 - 00000000 ____D C:\Users\ThinkPad User\Documents\ASB ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-05-13 11:49 - 2016-05-15 11:17 - 0006462 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\ThinkPad User\AppData\Local\Temp\avgnt.exe C:\Users\ThinkPad User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt87ct0.dll C:\Users\ThinkPad User\AppData\Local\Temp\FoxitUpdater.exe 
C:\Users\ThinkPad User\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\ThinkPad User\AppData\Local\Temp\mfc80.dll
C:\Users\ThinkPad User\AppData\Local\Temp\mfc80u.dll
C:\Users\ThinkPad User\AppData\Local\Temp\mfcm80.dll
C:\Users\ThinkPad User\AppData\Local\Temp\mfcm80u.dll
C:\Users\ThinkPad User\AppData\Local\Temp\msvcm80.dll
C:\Users\ThinkPad User\AppData\Local\Temp\msvcp80.dll
C:\Users\ThinkPad User\AppData\Local\Temp\msvcr80.dll
C:\Users\ThinkPad User\AppData\Local\Temp\OfficeSetup.exe
C:\Users\ThinkPad User\AppData\Local\Temp\OSU.exe
C:\Users\ThinkPad User\AppData\Local\Temp\rnsetup0.exe
C:\Users\ThinkPad User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ThinkPad User\AppData\Local\Temp\stubhelper.dll
C:\Users\ThinkPad User\AppData\Local\Temp\Uni000.exe
C:\Users\ThinkPad User\AppData\Local\Temp\Uninstaller.exe
C:\Users\ThinkPad User\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\ThinkPad User\AppData\Local\Temp\WTGXMLUtil.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-08 00:52
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-05-2016
durchgeführt von ThinkPad User (2016-05-17 11:17:54)
Gestartet von C:\Users\ThinkPad User\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-04-26 12:26:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1267542494-2412197620-3535893226-500 - Administrator - Disabled)
Gast (S-1-5-21-1267542494-2412197620-3535893226-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1267542494-2412197620-3535893226-1002 - Limited - Enabled)
ThinkPad User (S-1-5-21-1267542494-2412197620-3535893226-1000 - Administrator - Enabled) => C:\Users\ThinkPad User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.01 - Lenovo)
Ace Stream Media 3.0.11 (HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\AceStream) (Version: 3.0.11 - Ace Stream Media) <==== ACHTUNG
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co.
KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden Banana Buchhaltung 4.0 (HKLM-x32\...\Banana Buchhaltung 4.0) (Version: Banana Buchhaltung 4.0 - Banana.ch SA) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Client Security - Password Manager (HKLM\...\{3FD730D4-755F-439B-8082-B55E00924A44}) (Version: 8.30.0049.00 - Lenovo Group Limited) Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) Disable AMT Profile Synchronization Pop-up for Windows Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dropbox (HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited) EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 
7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden Integrated Camera Driver Installer Package Ver.1.1.0.48 (HKLM-x32\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.1.0.48 - RICOH) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.3 - Intel) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.157 - InterVideo Inc.) InterVideo WinDVD 8 (x32 Version: 8.0.20.157 - InterVideo Inc.) 
Hidden Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Lenovo Patch Utility (x32 Version: 1.3.2.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.00 - ) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo) Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5396.31 - PC-Doctor, Inc.) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0003.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.0.020.0 - Lenovo) Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mobile Broadband Connect (HKLM-x32\...\{9202762E-4B4C-48C9-A6CC-C27F9F85190A}) (Version: 3.5.0010 - Lenovo) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.12133 - 
NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4433.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4433.1508 - Microsoft Corporation) Hidden PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden Qualcomm Gobi 2000 Package for Lenovo (HKLM-x32\...\{666C9123-1AEC-446F-8AA8-28256B1953D4}) (Version: 1.1.250 - QUALCOMM) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Rescue and Recovery (HKLM-x32\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited) RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH) Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
ThinkVantage GPS (HKLM-x32\...\{8C7750D1-ADE6-4DAD-A54E-871EB2ABFE98}) (Version: 2.50 - Lenovo) Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Driver Package - Intel (e1kexpress) Net (12/01/2009 11.5.7.0) (HKLM\...\B65F6B58F0E37352721284FE7F009532B5DF1D2C) (Version: 12/01/2009 11.5.7.0 - Intel) Windows Driver Package - Intel System (06/04/2009 1.0.0.0002) (HKLM\...\E7B58217635B8F723D4744A328A4B3237DB35FA9) (Version: 06/04/2009 1.0.0.0002 - Intel) Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\098EBB26BF07167AB12D1575EC24F883F9435E59) (Version: 10/28/2009 9.1.1.1022 - Intel) Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\573C3C32A1DB5625CA00E633E584E8A0E6383672) (Version: 10/28/2009 9.1.1.1022 - Intel) Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020) (HKLM\...\A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9) (Version: 08/20/2009 9.1.1.1020 - Intel) Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo) Windows Driver Package - Ricoh Company MS Host Controller (10/26/2009 6.10.02.07) (HKLM\...\FD5ED5E16405CDAA5385DE461B9E5379F91ACCCF) (Version: 10/26/2009 6.10.02.07 - Ricoh Company) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 
5.000.818.5 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1267542494-2412197620-3535893226-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {16D1A01A-92BA-42EE-8312-C379333164DF} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. 
KG)
Task: {2E21AD8D-295A-4DFD-9FE9-991EBE93772E} - System32\Tasks\{B3C35B90-15F7-49FB-986C-EC561BDCBEE9} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.1.0.105&LastError=12002
Task: {380BFC96-14F3-41F1-9679-37EF8AF63364} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2009-08-28] (Lenovo Limited Group Corporation)
Task: {389B6944-202A-4A4E-9D67-8D540220363C} - System32\Tasks\{55B3AF97-8850-40BE-BF58-A2629937270D} => pcalua.exe -a C:\Users\THINKP~1\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {49B5AC7B-1251-4AB2-9B33-B410B7239D8B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\pcdlauncher.exe [2009-11-14] (PC-Doctor, Inc.)
Task: {54D3FEA9-580D-47C1-B5C5-67767A69714F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2016-02-10] ()
Task: {576AB4FA-90A9-4F71-8681-FE2C4D88DF36} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2009-08-28] (Lenovo Limited Group Corporation)
Task: {59572DDF-27E2-413F-9FFB-887C8BBDF04C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {79ACD0CE-62DD-444B-88D8-A7239D1B6455} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000UA => C:\Users\ThinkPad User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {905C03D4-27DA-4754-9D26-F042581725AC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000Core => C:\Users\ThinkPad User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {94566492-7C31-4558-91ED-4DD7933FFFCD} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [2009-08-28] ()
Task: {AEE2ACBE-23F2-42B4-A6A5-A31FBC1048DD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {AF669319-0801-40C2-A322-2452161967EE} - System32\Tasks\TVT\TVSUUpdateTask_Login => C:\Program Files (x86)\Lenovo\System Update\ConfigScheduledTask.exe [2016-01-13] ()
Task: {B3A8B6D6-CE1D-4739-8DB1-921082EFD93D} - System32\Tasks\{FE980DCA-2D73-42D2-98B1-2763447DC7D8} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.85.101/de/abandoninstall?page=tsProgressBar
Task: {B5BDD1A8-A086-439A-BF3C-2A11877FEDFB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {BF115B6E-78C0-45F5-9D1A-048AC1770211} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {C4D1D9DE-FE6D-4565-8B5F-BA48CF8D2CC0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-12] (@ByELDI)
Task: {C596F8A0-1271-4F70-A71F-43374011345F} - System32\Tasks\{6EEEDD50-F0E3-4681-8EC5-39AF971C68A5} => pcalua.exe -a "c:\program files (x86)\real\realplayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|18.0
Task: {F339F63F-604B-494A-BCAD-AE2F961FC358} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {F6A53EF7-CF98-4131-80F1-2F04A6716DB8} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe [2009-11-14] (PC-Doctor, Inc.)
Task: {F841F088-AAED-4763-B6DB-738CE4C95459} - System32\Tasks\TVT\TVSUUpdateTask_Weekly => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {FCB3CB63-89AC-47A4-82FA-ABF484104A25} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000Core.job => C:\Users\ThinkPad User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1267542494-2412197620-3535893226-1000UA.job => C:\Users\ThinkPad User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdlauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-04-26 15:27 - 2013-01-10 23:36 - 00087328 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-05-07 21:26 - 2016-02-16 11:04 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe 2016-02-10 06:27 - 2003-04-18 13:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe 2016-02-10 06:27 - 2010-04-10 03:03 - 00077824 _____ () C:\Windows\KMService.exe 2010-01-09 14:17 - 2010-01-09 14:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-20 19:40 - 2010-01-20 19:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-05-07 21:24 - 2016-04-14 06:08 - 00119808 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2014-10-24 07:33 - 2012-01-10 13:12 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll 2016-04-14 04:08 - 2016-04-19 21:47 - 00034768 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-05-11 23:02 - 2016-04-19 21:48 - 00019408 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-05-11 23:02 - 2016-04-19 21:47 - 00116688 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-04-14 04:08 - 2016-04-19 21:47 - 00093640 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-04-14 04:08 - 2016-04-19 21:47 - 00018376 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\select.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00019760 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00105928 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-05-11 23:02 - 2016-04-19 21:47 - 00392144 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-04-14 04:08 - 2016-05-07 00:35 - 00381752 _____ () 
C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-04-14 04:08 - 2016-04-19 21:47 - 00692688 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00020816 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-04-14 04:08 - 2016-04-19 21:48 - 00121296 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 01682760 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00020808 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00021840 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00038696 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-05-11 23:02 - 2016-04-19 21:49 - 00020936 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00024528 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00114640 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00124880 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00021832 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00024016 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00175560 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00030160 _____ () 
C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00043472 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00028616 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00048592 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00026456 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00057808 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00024016 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00117056 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00052024 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-04-14 04:08 - 2016-04-19 21:47 - 00134608 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-05-11 23:02 - 2016-04-19 21:47 - 00134088 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-05-11 23:02 - 2016-04-19 21:48 - 00240584 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00020800 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00021824 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00019776 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00020800 _____ () C:\Users\ThinkPad 
User\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00024392 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-05-11 23:02 - 2016-04-19 21:50 - 00036296 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\librsync.dll 2016-05-11 23:02 - 2016-05-07 00:34 - 00020280 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00023376 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00350152 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00022352 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00084280 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-05-11 23:02 - 2016-05-07 00:34 - 01826096 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-04-14 04:08 - 2016-04-19 21:48 - 00083912 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\sip.pyd 2016-05-11 23:02 - 2016-05-07 00:35 - 03928880 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 01971504 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00531248 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-05-11 23:02 - 2016-05-07 00:35 - 00132912 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-05-11 23:02 - 2016-05-07 00:35 - 00223544 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-05-11 23:02 - 2016-05-07 00:34 - 00207672 _____ () C:\Users\ThinkPad 
User\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-14 04:08 - 2016-04-19 21:49 - 00060880 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-04-14 04:08 - 2016-05-07 00:35 - 00024904 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-05-11 23:02 - 2016-05-07 00:35 - 00546096 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-05-11 23:02 - 2016-05-07 00:35 - 00357680 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-05-11 23:02 - 2016-04-19 21:51 - 00017864 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\libEGL.dll 2016-05-11 23:02 - 2016-04-19 21:51 - 01631184 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2016-04-14 04:07 - 2016-04-19 21:53 - 00697304 _____ () C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2010-01-09 14:18 - 2010-01-09 14:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-20 19:34 - 2010-01-20 19:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-04-08 10:09 - 2016-04-08 10:10 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2016-04-08 10:09 - 2016-04-08 10:10 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2015-03-15 10:42 - 2016-05-16 22:24 - 47503472 _____ () C:\Users\ThinkPad User\AppData\Roaming\Spotify\libcef.dll 2015-03-15 10:42 - 2016-05-16 22:24 - 01584240 _____ () C:\Users\ThinkPad User\AppData\Roaming\Spotify\libglesv2.dll 2015-03-15 10:42 - 2016-05-16 22:24 - 00082032 _____ () C:\Users\ThinkPad User\AppData\Roaming\Spotify\libegl.dll 2010-01-09 14:18 - 2010-01-09 14:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ==================== Alternate Data Streams 
(Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1267542494-2412197620-3535893226-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ThinkPad User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\Services: AxInstSV => 3 MSCONFIG\Services: EPSON_EB_RPCV4_04 => 2 MSCONFIG\Services: EPSON_PM_RPCV4_04 => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: RealPlayerUpdateSvc => 2 MSCONFIG\Services: RealTimes Desktop Service => 2 MSCONFIG\Services: SCardSvr => 2 MSCONFIG\Services: SCPolicySvc => 3 MSCONFIG\Services: SharedAccess => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: WerSvc => 3 MSCONFIG\Services: WMPNetworkSvc => 2 MSCONFIG\Services: WPCSvc => 3 MSCONFIG\Services: WPDBusEnum => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^ThinkPad User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: AceUpdater => C:\Users\ThinkPad User\AppData\Roaming\ACEStream\updater\ace_update.exe MSCONFIG\startupreg: AceWebExtensionUpdater => C:\Users\ThinkPad User\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: EPSON SX235 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\THINKP~1\AppData\Local\Temp\E_S8A8D.tmp" /EF "HKCU" MSCONFIG\startupreg: EPSON2CFAF5 (Epson Stylus SX235) => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\THINKP~1\AppData\Local\Temp\E_S8955.tmp" /EF "HKCU" MSCONFIG\startupreg: Message Center Plus => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start MSCONFIG\startupreg: PWMTRV => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor 
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ThinkPad User\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{8D2AC539-036F-49B6-97B7-C2291FDB34F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{73D85289-96E6-4118-87E0-64FD68D15026}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4A62F517-3DBD-4197-8015-8B8F46966E8B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{30B87B72-7D7F-4651-88B9-F4503AE30E8A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{EFD08CAF-9421-431B-B2CE-B695628EA23B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{EB6174EA-D1A7-4BCE-97D4-9779A9C7ADD8}C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D28639EF-D1E6-4F9D-B567-AE3E429882F8}C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thinkpad 
user\appdata\roaming\spotify\spotify.exe FirewallRules: [{100AF98B-B5B6-46B4-BDCF-4CB5DB02B802}] => (Allow) C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7C0CD852-2904-43B5-BA0C-5C8628EDFBD4}] => (Allow) C:\Users\ThinkPad User\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{0DA798E4-1DDC-4882-B2F4-E29E0F4450DF}C:\users\thinkpad user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thinkpad user\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{E28C12AC-2A24-444B-94CA-9F9B3038BD18}C:\users\thinkpad user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thinkpad user\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{75E4B10B-A084-4673-8622-EA770A6FBEBB}C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [UDP Query User{ED1D75E8-CB29-42E3-A94F-5FCB879991FB}C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [TCP Query User{7C6C37E2-00F8-4A5F-9899-014E227D8CDE}C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{21E64749-5DDB-4925-AA47-CBB92D9ED373}C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{6DDD67D9-8F20-404B-B245-638011E55067}C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [UDP Query User{F1CB78CC-B5AA-4F43-A8FB-068E070C64A3}C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\thinkpad user\appdata\roaming\acestream\engine\ace_engine.exe 
FirewallRules: [{F97C913E-6DA6-4BFE-9E14-2AC18CF81DF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5732FC8B-F234-4504-A551-B94F75D05F4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7B469845-BFD7-479D-9623-BEDAA91ECBF2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{59FDB894-7DBB-4DC9-AFEA-92386FD730AC}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{2C0FAD83-08AE-4C8E-81C8-C2EB74CA34FE}] => (Allow) C:\Users\ThinkPad User\AppData\Local\Temp\7zS2200\setup\hpznui40.exe FirewallRules: [{3A0E8BD4-7BAE-4157-B71A-192D526AA6D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{C2944D7D-89CF-41EB-8782-4D4D0C81C82B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{DC107A8A-1108-47E4-821A-6F6477579CDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{D12FF1B6-DDF9-424D-8A13-E9074BFF79C8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{492C4D1A-9307-44AD-8C0D-1CD1BC947286}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{ECDCC596-994B-452F-AD75-2EBCD576ABE8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{02E62300-C56C-452A-B230-FC1E697D2401}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{70ED37B8-1C45-4881-8036-2F04E76829D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{F0353762-C47C-4C37-92DF-40011BC815C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{95A1ADEF-A820-4B60-8145-F996A6FA40E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{7102316C-E236-4520-8146-569DECD9549E}] => (Allow) C:\Program Files (x86)\HP\Digital 
Imaging\bin\hpqusgh.exe FirewallRules: [{66F0E78F-3484-4694-B348-AB80D22727C8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{90096A42-0B0B-4D1A-82A3-9736612347CF}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{474B108A-D92B-4BBD-8AC1-5560E961D8FD}] => (Allow) LPort=1688 FirewallRules: [{AE7A27A0-EBDC-4713-8C3A-B3B554F63EF2}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{EA72D523-459B-43D8-B688-A67A912C92AA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe ==================== Wiederherstellungspunkte ========================= 14-05-2016 19:35:14 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Photosmart B110 series Description: Photosmart B110 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart B110 series Description: Photosmart B110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/16/2016 10:09:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 15.0.1.0, Zeitstempel: 0x55cabc47 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a89c Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000001a06d ID des fehlerhaften Prozesses: 0xa24 Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0 Pfad der fehlerhaften Anwendung: Service_KMS.exe1 Pfad des fehlerhaften Moduls: Service_KMS.exe2 Berichtskennung: Service_KMS.exe3 Error: (05/16/2016 10:09:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Service_KMS.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentOutOfRangeException bei System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource) bei System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].RemoveAt(Int32) bei Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/15/2016 08:24:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HiSuite.exe, Version: 51.1.1.6, Zeitstempel: 0x56d7ebb7 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 
10.0.40219.1, Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008af3e ID des fehlerhaften Prozesses: 0x1aa4 Startzeit der fehlerhaften Anwendung: 0xHiSuite.exe0 Pfad der fehlerhaften Anwendung: HiSuite.exe1 Pfad des fehlerhaften Moduls: HiSuite.exe2 Berichtskennung: HiSuite.exe3 Error: (05/15/2016 08:23:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HiSuite.exe, Version: 51.1.1.6, Zeitstempel: 0x56d7ebb7 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008af3e ID des fehlerhaften Prozesses: 0x2130 Startzeit der fehlerhaften Anwendung: 0xHiSuite.exe0 Pfad der fehlerhaften Anwendung: HiSuite.exe1 Pfad des fehlerhaften Moduls: HiSuite.exe2 Berichtskennung: HiSuite.exe3 Error: (05/14/2016 06:10:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 15.0.1.0, Zeitstempel: 0x55cabc47 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a89c Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000001a06d ID des fehlerhaften Prozesses: 0xb68 Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0 Pfad der fehlerhaften Anwendung: Service_KMS.exe1 Pfad des fehlerhaften Moduls: Service_KMS.exe2 Berichtskennung: Service_KMS.exe3 Error: (05/14/2016 06:10:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Service_KMS.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.ArgumentOutOfRangeException bei System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource) bei System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].RemoveAt(Int32) bei Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/14/2016 06:05:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb3627 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000002928a ID des fehlerhaften Prozesses: 0x1240 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Error: (05/14/2016 11:12:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.3.0.0, Zeitstempel: 0x5036b2a4 Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.3.0.0, Zeitstempel: 0x5036b1ea Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000020b2b ID des fehlerhaften Prozesses: 0x534 Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0 Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1 Pfad des fehlerhaften Moduls: ZeroConfigService.exe2 Berichtskennung: ZeroConfigService.exe3 Error: (05/13/2016 05:57:30 PM) 
(Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HiSuite.exe, Version: 51.1.1.6, Zeitstempel: 0x56d7ebb7 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008af3e ID des fehlerhaften Prozesses: 0x1c50 Startzeit der fehlerhaften Anwendung: 0xHiSuite.exe0 Pfad der fehlerhaften Anwendung: HiSuite.exe1 Pfad des fehlerhaften Moduls: HiSuite.exe2 Berichtskennung: HiSuite.exe3 Error: (05/13/2016 12:10:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HiSuite.exe, Version: 51.1.1.6, Zeitstempel: 0x56d7ebb7 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22 Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008af3e ID des fehlerhaften Prozesses: 0x1eb8 Startzeit der fehlerhaften Anwendung: 0xHiSuite.exe0 Pfad der fehlerhaften Anwendung: HiSuite.exe1 Pfad des fehlerhaften Moduls: HiSuite.exe2 Berichtskennung: HiSuite.exe3 Systemfehler: ============= Error: (05/16/2016 06:59:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (05/16/2016 06:58:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. 
Error: (05/16/2016 06:57:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/16/2016 06:40:06 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/16/2016 06:39:36 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {7160A13D-73DA-4CEA-95B9-37356478588A} Error: (05/16/2016 06:39:16 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {BEBA2AA5-B5A7-4DD3-9AD6-43B24CDD3B7D} Error: (05/16/2016 06:39:07 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} Error: (05/16/2016 10:10:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/16/2016 03:02:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Avira.ServiceHost erreicht. Error: (05/16/2016 03:02:08 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Avira.ServiceHost erreicht. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz Prozentuale Nutzung des RAM: 70% Installierter physikalischer RAM: 3891.67 MB Verfügbarer physikalischer RAM: 1159.65 MB Summe virtueller Speicher: 7781.53 MB Verfügbarer virtueller Speicher: 3450.04 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:223.71 GB) (Free:19.6 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive q: (Lenovo_Recovery) (Fixed) (Total:8.01 GB) (Free:0.77 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 3C2B6862) Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
17.05.2016, 10:36 | #4 |
| Windows 7 Professional: Browser infected with malware: "klicken sie hier um weiter mit advertise" Here is the log file from TDSSkiller: Code:
ATTFilter 11:27:21.0539 0x1e6c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 11:27:27.0768 0x1e6c ============================================================ 11:27:27.0768 0x1e6c Current date / time: 2016/05/17 11:27:27.0768 11:27:27.0768 0x1e6c SystemInfo: 11:27:27.0768 0x1e6c 11:27:27.0768 0x1e6c OS Version: 6.1.7601 ServicePack: 1.0 11:27:27.0768 0x1e6c Product type: Workstation 11:27:27.0768 0x1e6c ComputerName: T510 11:27:27.0769 0x1e6c UserName: ThinkPad User 11:27:27.0769 0x1e6c Windows directory: C:\Windows 11:27:27.0769 0x1e6c System windows directory: C:\Windows 11:27:27.0769 0x1e6c Running under WOW64 11:27:27.0769 0x1e6c Processor architecture: Intel x64 11:27:27.0770 0x1e6c Number of processors: 4 11:27:27.0770 0x1e6c Page size: 0x1000 11:27:27.0770 0x1e6c Boot type: Normal boot 11:27:27.0770 0x1e6c ============================================================ 11:27:28.0280 0x1e6c KLMD registered as C:\Windows\system32\drivers\13485055.sys 11:27:29.0158 0x1e6c System UUID: {2D63B013-B454-3366-AF3B-6D791A37F2C4} 11:27:31.0142 0x1e6c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 11:27:31.0152 0x1e6c ============================================================ 11:27:31.0152 0x1e6c \Device\Harddisk0\DR0: 11:27:31.0152 0x1e6c MBR partitions: 11:27:31.0152 0x1e6c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000 11:27:31.0152 0x1e6c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x1BF6A000 11:27:31.0152 0x1e6c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C1C2800, BlocksNum 0x1003000 11:27:31.0152 0x1e6c ============================================================ 11:27:31.0189 0x1e6c C: <-> \Device\Harddisk0\DR0\Partition2 11:27:31.0240 0x1e6c Q: <-> \Device\Harddisk0\DR0\Partition3 11:27:31.0241 0x1e6c 
C:\Windows\system32\DRIVERS\bowser.sys 11:30:34.0226 0x24a4 bowser - ok 11:30:34.0254 0x24a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 11:30:34.0297 0x24a4 BrFiltLo - ok 11:30:34.0317 0x24a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 11:30:34.0348 0x24a4 BrFiltUp - ok 11:30:34.0388 0x24a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 11:30:34.0421 0x24a4 Browser - ok 11:30:34.0453 0x24a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:30:34.0503 0x24a4 Brserid - ok 11:30:34.0521 0x24a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:30:34.0552 0x24a4 BrSerWdm - ok 11:30:34.0571 0x24a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:30:34.0602 0x24a4 BrUsbMdm - ok 11:30:34.0612 0x24a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:30:34.0637 0x24a4 BrUsbSer - ok 11:30:34.0697 0x24a4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 11:30:34.0741 0x24a4 BthEnum - ok 11:30:34.0764 0x24a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 11:30:34.0797 0x24a4 BTHMODEM - ok 11:30:34.0828 0x24a4 [ 02DD601B708DD0667E1331FA8518E9FF, 
7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 11:30:34.0863 0x24a4 BthPan - ok 11:30:34.0905 0x24a4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 11:30:34.0985 0x24a4 BTHPORT - ok 11:30:35.0029 0x24a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 11:30:35.0108 0x24a4 bthserv - ok 11:30:35.0129 0x24a4 [ B9D49E4288F56C053B4C12D2F9042948, 5E9C9866FA953526B23AAA05DB23879D3AF55A0909287ED5EB76E010D499B9A4 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 11:30:35.0152 0x24a4 BTHSSecurityMgr - ok 11:30:35.0177 0x24a4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 11:30:35.0203 0x24a4 BTHUSB - ok 11:30:35.0277 0x24a4 [ 96E22173FD0E2670A2A20C1EEECA162A, 2CC26317DBA063058178EA9B775C2A0FA2CF94FEDC6DF89F3D8314207D56DA24 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 11:30:35.0345 0x24a4 btwampfl - ok 11:30:35.0374 0x24a4 [ A771078558477068DFD8037B82EB00F8, 58E1686B12B747639FE3BF4CCA58D48B8BBB349C9D316315AD7237F44EF760A4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 11:30:35.0415 0x24a4 btwaudio - ok 11:30:35.0462 0x24a4 [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 11:30:35.0503 0x24a4 btwavdt - ok 11:30:35.0632 0x24a4 [ C8306C64F95DABC69A11DF3A664C00FB, 1AFE7B7E9FADA3A55CACADA8FEC1C2646CB99DA71CD033A28239932253B807C4 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 11:30:35.0778 0x24a4 btwdins - ok 11:30:35.0825 0x24a4 [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap 
C:\Windows\system32\DRIVERS\btwl2cap.sys 11:30:35.0843 0x24a4 btwl2cap - ok 11:30:35.0904 0x24a4 [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 11:30:35.0920 0x24a4 btwrchid - ok 11:30:35.0995 0x24a4 [ 48360B88C4BF45850653BB7C86888ED4, 454C2DD81BFCC7FF4819CDFE3C5506E31A3FE86B06FB18009783CD2FEA74B0BF ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys 11:30:36.0040 0x24a4 CAXHWAZL - ok 11:30:36.0081 0x24a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:30:36.0162 0x24a4 cdfs - ok 11:30:36.0233 0x24a4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:30:36.0265 0x24a4 cdrom - ok 11:30:36.0344 0x24a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 11:30:36.0420 0x24a4 CertPropSvc - ok 11:30:36.0439 0x24a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 11:30:36.0471 0x24a4 circlass - ok 11:30:36.0527 0x1b58 Object send P2P result: true 11:30:36.0528 0x1b58 Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService 11:30:36.0545 0x24a4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 11:30:36.0603 0x24a4 CLFS - ok 11:30:36.0730 0x24a4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:30:36.0758 0x24a4 clr_optimization_v2.0.50727_32 - ok 11:30:36.0846 0x24a4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 
1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:30:36.0874 0x24a4 clr_optimization_v2.0.50727_64 - ok 11:30:36.0932 0x1b50 Object required for P2P: [ C9BED3BDC39FBCAA77A88308355B237E ] avipbb 11:30:37.0009 0x24a4 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:30:37.0382 0x24a4 clr_optimization_v4.0.30319_32 - ok 11:30:37.0443 0x24a4 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:30:37.0645 0x24a4 clr_optimization_v4.0.30319_64 - ok 11:30:37.0701 0x24a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 11:30:37.0725 0x24a4 CmBatt - ok 11:30:37.0773 0x24a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:30:37.0796 0x24a4 cmdide - ok 11:30:37.0926 0x24a4 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys 11:30:37.0996 0x24a4 CNG - ok 11:30:38.0102 0x24a4 [ 22BC1C27274D1CB1C3A8C14CDBA0CDF2, D7D9D739748A7D1159623738464A92BBEC3AF5734B2A7B44291E2B9F21C91D7F ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 11:30:38.0171 0x24a4 CnxtHdAudService - ok 11:30:38.0204 0x24a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 11:30:38.0227 0x24a4 Compbatt - ok 11:30:38.0295 0x24a4 [ 03EDB043586CCEBA243D689BDDA370A8, 
0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 11:30:38.0330 0x24a4 CompositeBus - ok 11:30:38.0341 0x24a4 COMSysApp - ok 11:30:38.0364 0x24a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 11:30:38.0387 0x24a4 crcdisk - ok 11:30:38.0469 0x24a4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:30:38.0516 0x24a4 CryptSvc - ok 11:30:38.0593 0x24a4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 11:30:38.0667 0x24a4 CSC - ok 11:30:38.0751 0x24a4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 11:30:38.0824 0x24a4 CscService - ok 11:30:38.0905 0x24a4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 11:30:38.0971 0x24a4 DcomLaunch - ok 11:30:38.0982 0x1b58 Object send P2P result: true 11:30:39.0019 0x24a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 11:30:39.0125 0x24a4 defragsvc - ok 11:30:39.0202 0x24a4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:30:39.0283 0x24a4 DfsC - ok 11:30:39.0371 0x24a4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 11:30:39.0387 0x1b50 Object send P2P result: true 11:30:39.0387 0x1b50 Object required for P2P: [ 125DFFF37D51A45A72934C3BF89A64CD ] Avira.ServiceHost 11:30:39.0458 0x24a4 Dhcp - 
ok 11:30:39.0626 0x24a4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 11:30:39.0770 0x24a4 DiagTrack - ok 11:30:39.0819 0x24a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 11:30:39.0896 0x24a4 discache - ok 11:30:39.0957 0x24a4 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 11:30:39.0982 0x24a4 Disk - ok 11:30:40.0069 0x24a4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:30:40.0115 0x24a4 Dnscache - ok 11:30:40.0178 0x24a4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 11:30:40.0276 0x24a4 dot3svc - ok 11:30:40.0363 0x24a4 [ 497E0E7CD4E6A708EDF8EF4D1702F427, 53591AFB2CACD1A1EDEAEDFABE57E04E219E0A7112F168E78A34DFE9413D7CEC ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 11:30:40.0409 0x24a4 DozeSvc - ok 11:30:40.0477 0x24a4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 11:30:40.0573 0x24a4 DPS - ok 11:30:40.0604 0x24a4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:30:40.0630 0x24a4 drmkaud - ok 11:30:40.0764 0x24a4 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:30:40.0897 0x24a4 DXGKrnl - ok 11:30:40.0950 0x24a4 [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64 
C:\Windows\system32\DRIVERS\DzHDD64.sys 11:30:40.0971 0x24a4 DzHDD64 - ok 11:30:41.0057 0x24a4 [ 324FCD2DD8A4229DDEF3CC954FF12FA5, B5A5D8839846B31752C20819636940E85BCA0CE7110A83220676D9FB3C1B3EF0 ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys 11:30:41.0110 0x24a4 e1kexpress - ok 11:30:41.0164 0x24a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 11:30:41.0245 0x24a4 EapHost - ok 11:30:41.0442 0x24a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 11:30:41.0682 0x24a4 ebdrv - ok 11:30:41.0746 0x24a4 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS C:\Windows\System32\lsass.exe 11:30:41.0784 0x24a4 EFS - ok 11:30:41.0855 0x24a4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:30:41.0876 0x1b50 Object send P2P result: true 11:30:41.0877 0x1b50 Object required for P2P: [ 138A53D17B040F5A3A307D44A89D0905 ] avnetflt 11:30:41.0944 0x24a4 ehRecvr - ok 11:30:41.0983 0x24a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 11:30:42.0019 0x24a4 ehSched - ok 11:30:42.0109 0x24a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 11:30:42.0176 0x24a4 elxstor - ok 11:30:42.0234 0x24a4 [ 7C5BFAAC8DCE7292B0C04EBF892E71F9, 41EBFCE22D84A74358F3A85C94840106E5EE7FE618D17FA9E76998E3D8D86625 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE 11:30:42.0265 0x24a4 EPSON_EB_RPCV4_04 - detected UnsignedFile.Multi.Generic ( 1 ) 11:30:44.0336 0x1b50 Object send P2P result: true 11:30:44.0715 0x24a4 Detect skipped due to KSN trusted 
11:30:44.0715 0x24a4 EPSON_EB_RPCV4_04 - ok 11:30:44.0774 0x24a4 [ D4615670CD49A1679E6067F155C47C68, 878D0D7BE72853660804AE4C182180DE8BCE33D8291ED841B8EEF3773EA49294 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE 11:30:44.0790 0x24a4 EPSON_PM_RPCV4_04 - detected UnsignedFile.Multi.Generic ( 1 ) 11:30:47.0235 0x24a4 Detect skipped due to KSN trusted 11:30:47.0235 0x24a4 EPSON_PM_RPCV4_04 - ok 11:30:47.0284 0x24a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:30:47.0308 0x24a4 ErrDev - ok 11:30:47.0374 0x24a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 11:30:47.0485 0x24a4 EventSystem - ok 11:30:47.0604 0x24a4 [ 770B15B8261A444B817F296EC27CE71E, 528E2ADBD22D72E9BD5F37504073AA1EBFFD037B6D4C3AABB4769DE9F1A10A55 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:30:47.0672 0x24a4 EvtEng - ok 11:30:47.0718 0x24a4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 11:30:47.0816 0x24a4 exfat - ok 11:30:47.0846 0x24a4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:30:47.0946 0x24a4 fastfat - ok 11:30:48.0017 0x24a4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 11:30:48.0092 0x24a4 Fax - ok 11:30:48.0122 0x24a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 11:30:48.0148 0x24a4 fdc - ok 11:30:48.0188 0x24a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 
11:30:48.0265 0x24a4 fdPHost - ok 11:30:48.0279 0x24a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 11:30:48.0368 0x24a4 FDResPub - ok 11:30:48.0404 0x24a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:30:48.0431 0x24a4 FileInfo - ok 11:30:48.0443 0x24a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:30:48.0524 0x24a4 Filetrace - ok 11:30:48.0541 0x24a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 11:30:48.0565 0x24a4 flpydisk - ok 11:30:48.0598 0x24a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:30:48.0653 0x24a4 FltMgr - ok 11:30:48.0785 0x24a4 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 11:30:48.0898 0x24a4 FontCache - ok 11:30:48.0984 0x24a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:30:49.0007 0x24a4 FontCache3.0.0.0 - ok 11:30:49.0049 0x24a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:30:49.0074 0x24a4 FsDepends - ok 11:30:49.0127 0x24a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:30:49.0154 0x24a4 Fs_Rec - ok 11:30:49.0188 0x24a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 
73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:30:49.0245 0x24a4 fvevol - ok 11:30:49.0283 0x24a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 11:30:49.0312 0x24a4 gagp30kx - ok 11:30:49.0399 0x24a4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 11:30:49.0552 0x24a4 gpsvc - ok 11:30:49.0578 0x24a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:30:49.0612 0x24a4 hcw85cir - ok 11:30:49.0715 0x24a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:30:49.0791 0x24a4 HdAudAddService - ok 11:30:49.0872 0x24a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 11:30:49.0910 0x24a4 HDAudBus - ok 11:30:49.0951 0x24a4 [ 7F40163C7A7369A147761C9B57A1223E, 1BF89A4E405F24FB339151CCC2957D22683548B8064F08DC9CECB7580D0A173B ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 11:30:49.0973 0x24a4 HECIx64 - ok 11:30:49.0989 0x24a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 11:30:50.0017 0x24a4 HidBatt - ok 11:30:50.0041 0x24a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 11:30:50.0079 0x24a4 HidBth - ok 11:30:50.0118 0x24a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 11:30:50.0152 0x24a4 HidIr - 
ok 11:30:50.0192 0x24a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 11:30:50.0275 0x24a4 hidserv - ok 11:30:50.0337 0x24a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 11:30:50.0377 0x24a4 HidUsb - ok 11:30:50.0436 0x24a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:30:50.0515 0x24a4 hkmsvc - ok 11:30:50.0553 0x24a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:30:50.0612 0x24a4 HomeGroupListener - ok 11:30:50.0669 0x24a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:30:50.0714 0x24a4 HomeGroupProvider - ok 11:30:50.0775 0x24a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:30:50.0801 0x24a4 HpSAMD - ok 11:30:50.0953 0x24a4 [ 5ECEC779312AD35B1B19951A4B53FAC1, 67F4D2603E233FA0C2957419BB196BE6273C02FF6AAA188BA613EF62E80BCBC1 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 11:30:51.0051 0x24a4 HPSLPSVC - ok 11:30:51.0201 0x24a4 [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll 11:30:51.0256 0x24a4 HsfXAudioService - ok 11:30:51.0345 0x24a4 [ F6AC1087A131FBB385400667BEA64FBE, 131661287953708893FE564602E8ED6832B96CCA523C205EDE0C9E82DD930178 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys 11:30:51.0459 0x24a4 HSF_DPV - ok 11:30:51.0564 0x24a4 [ F61634BEC53F73702A10DE69F6DCAF57, 
BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:30:51.0648 0x24a4 HTTP - ok 11:30:51.0753 0x24a4 [ 2237E787A3E84FF361A385040F66B5FA, F4964C6334E74AB5F50CB53C88DFC8761721158EBD78CFE0C03FA4677D9E28C8 ] HuaweiHiSuiteService64.exe C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe 11:30:51.0802 0x24a4 HuaweiHiSuiteService64.exe - ok 11:30:51.0884 0x24a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:30:51.0906 0x24a4 hwpolicy - ok 11:30:51.0976 0x24a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 11:30:52.0006 0x24a4 i8042prt - ok 11:30:52.0092 0x24a4 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 11:30:52.0138 0x24a4 iaStor - ok 11:30:52.0223 0x24a4 [ 8BE099617DA18FE085A40D47FC156B1B, A5F7AB41D32DF8A12F1945C263EE954CE15069C3CFD7131C74A8A3F4EC3AC122 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 11:30:52.0296 0x24a4 iaStorA - ok 11:30:52.0326 0x24a4 [ 005C0887D8B57A19883E3ADEF5478F05, E4D53F6197F128C5A753DBA0592619893D93F87575678E9708830B04C4CE1553 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 11:30:52.0345 0x24a4 iaStorF - ok 11:30:52.0435 0x24a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:30:52.0492 0x24a4 iaStorV - ok 11:30:52.0580 0x24a4 [ 11451E40F18B263DEFE8F523F4AB03A4, 3A345DDD8E68751077AC665D5B3EE04F6FD2196A4735BD56FCB5313226E176D9 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 11:30:52.0604 0x24a4 IBMPMDRV - ok 11:30:52.0617 0x24a4 [ A1A8DE81B5A1FCDFA5D324C1F8C799C3, AC1174F4427B7A80112EBD7CA66C47AC065309125B4DCD8EB42B6D1A18DCDC1B ] IBMPMSVC 
C:\Windows\system32\ibmpmsvc.exe 11:30:52.0639 0x24a4 IBMPMSVC - ok 11:30:52.0763 0x24a4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:30:52.0874 0x24a4 idsvc - ok 11:30:52.0891 0x24a4 IEEtwCollectorService - ok 11:30:53.0595 0x24a4 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 11:30:54.0497 0x24a4 igfx - ok 11:30:54.0567 0x24a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 11:30:54.0592 0x24a4 iirsp - ok 11:30:54.0693 0x24a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 11:30:54.0779 0x24a4 IKEEXT - ok 11:30:54.0851 0x24a4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 11:30:54.0906 0x24a4 Impcd - ok 11:30:54.0971 0x24a4 [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 11:30:55.0022 0x24a4 IntcDAud - ok 11:30:55.0086 0x24a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 11:30:55.0108 0x24a4 intelide - ok 11:30:55.0164 0x24a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:30:55.0193 0x24a4 intelppm - ok 11:30:55.0217 0x24a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:30:55.0301 0x24a4 IPBusEnum - ok 
11:30:55.0336 0x24a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:30:55.0419 0x24a4 IpFilterDriver - ok 11:30:55.0500 0x24a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:30:55.0563 0x24a4 iphlpsvc - ok 11:30:55.0625 0x24a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:30:55.0653 0x24a4 IPMIDRV - ok 11:30:55.0681 0x24a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:30:55.0762 0x24a4 IPNAT - ok 11:30:55.0785 0x24a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:30:55.0819 0x24a4 IRENUM - ok 11:30:55.0891 0x24a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:30:55.0914 0x24a4 isapnp - ok 11:30:55.0962 0x24a4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 11:30:56.0009 0x24a4 iScsiPrt - ok 11:30:56.0086 0x24a4 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 11:30:56.0109 0x24a4 IviRegMgr - ok 11:30:56.0128 0x24a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 11:30:56.0153 0x24a4 kbdclass - ok 11:30:56.0220 0x24a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 
726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:31:36.0570 0x24a4 srv2 - ok 11:31:36.0625 0x24a4 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 11:31:36.0683 0x24a4 SrvHsfHDA - ok 11:31:36.0794 0x24a4 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 11:31:36.0925 0x24a4 SrvHsfV92 - ok 11:31:36.0990 0x24a4 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 11:31:37.0065 0x24a4 SrvHsfWinac - ok 11:31:37.0136 0x24a4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:31:37.0173 0x24a4 srvnet - ok 11:31:37.0216 0x24a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:31:37.0320 0x24a4 SSDPSRV - ok 11:31:37.0331 0x24a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:31:37.0417 0x24a4 SstpSvc - ok 11:31:37.0520 0x24a4 [ 17FC2EAD763F0237457817A753A5A676, CDA2EFE4AC5A7BE034FF1A5A6469CF7C4B295BF5E1D995C9A289AD9E8FBD3740 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 11:31:37.0574 0x24a4 Stereo Service - ok 11:31:37.0604 0x24a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 11:31:37.0629 0x24a4 stexstor - ok 11:31:37.0667 0x24a4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam 
C:\Windows\system32\DRIVERS\serscan.sys 11:31:37.0713 0x24a4 StillCam - ok 11:31:37.0780 0x24a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 11:31:37.0865 0x24a4 stisvc - ok 11:31:37.0940 0x24a4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 11:31:37.0965 0x24a4 storflt - ok 11:31:37.0988 0x24a4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 11:31:38.0025 0x24a4 StorSvc - ok 11:31:38.0060 0x24a4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:31:38.0084 0x24a4 storvsc - ok 11:31:38.0231 0x24a4 [ FBB679A987A096E37330033863CA710F, 7C7DBB84B7619E689C3FC4CF90364BA05497E8BAA3833D51D288F865D1E226FB ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe 11:31:38.0250 0x24a4 SUService - ok 11:31:38.0326 0x24a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 11:31:38.0349 0x24a4 swenum - ok 11:31:38.0422 0x24a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 11:31:38.0540 0x24a4 swprv - ok 11:31:38.0603 0x24a4 [ AFB9FC97DAC435B588EACD63C3174DAA, FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 11:31:38.0659 0x24a4 SynTP - ok 11:31:38.0806 0x24a4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 11:31:38.0979 0x24a4 SysMain - ok 11:31:39.0037 0x24a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 
01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:31:39.0082 0x24a4 TabletInputService - ok 11:31:39.0235 0x24a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 11:31:39.0330 0x24a4 TapiSrv - ok 11:31:39.0527 0x24a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:31:39.0744 0x24a4 Tcpip - ok 11:31:39.0883 0x24a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:31:40.0007 0x24a4 TCPIP6 - ok 11:31:40.0071 0x24a4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:31:40.0095 0x24a4 tcpipreg - ok 11:31:40.0141 0x24a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:31:40.0206 0x24a4 TDPIPE - ok 11:31:40.0237 0x24a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:31:40.0262 0x24a4 TDTCP - ok 11:31:40.0327 0x24a4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:31:40.0356 0x24a4 tdx - ok 11:31:40.0415 0x24a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 11:31:40.0442 0x24a4 TermDD - ok 11:31:40.0663 0x24a4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 11:31:40.0760 0x24a4 TermService - ok 11:31:40.0818 0x24a4 [ 
F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 11:31:40.0863 0x24a4 Themes - ok 11:31:40.0983 0x24a4 [ 39AC444E07FDBD8C2E8E291A65D515D3, 4BFAEF295168AF4A78D3DE456B3819368BF55302EB17E1DB5391BDABB0E577A4 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe 11:31:41.0072 0x24a4 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic ( 1 ) 11:31:43.0518 0x24a4 Detect skipped due to KSN trusted 11:31:43.0518 0x24a4 ThinkVantage Registry Monitor Service - ok 11:31:43.0584 0x24a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 11:31:43.0666 0x24a4 THREADORDER - ok 11:31:43.0683 0x24a4 [ 6DB3FAE611554DC373E266ED50111B1C, CAE806DC0076B0ACD0020F2D20333C9D50CFE4E1EF32576D413BB2067C8AD206 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 11:31:43.0700 0x24a4 TPDIGIMN - ok 11:31:43.0726 0x24a4 [ 47D2009FDC682833EE03B6DCBA23FDD2, 39236BECB9AAFC2055E1706EE35CE506E4A72A284DACBC3D2C3A990BB4510389 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe 11:31:43.0747 0x24a4 TPHDEXLGSVC - ok 11:31:43.0818 0x24a4 [ 6FE3085AB39EA391FCABE7275C8A380C, A3BBD17237D29BE9C11E1CA15C89028218ECAEB5E1151047D12957CEB7F434E2 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 11:31:43.0842 0x24a4 TPHKLOAD - ok 11:31:43.0857 0x24a4 [ F7B2314456B1676777AA9FFEF6776B45, FC6B4909BB698BC9EC151EC68357F1C27725E8F0AF8074338FD9502B1DEBCD0B ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 11:31:43.0882 0x24a4 TPHKSVC - ok 11:31:43.0937 0x24a4 [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM C:\Windows\system32\drivers\tpm.sys 11:31:43.0967 0x24a4 TPM - ok 11:31:44.0016 0x24a4 [ 1B58B92F059C30F33A7B9DF7EC61F288, 0C0469784166F0433A178017BFB79831919372C5B5A7C948BAA8727F753FBF09 ] TPPWRIF 
C:\Windows\system32\drivers\Tppwr64v.sys 11:31:44.0039 0x24a4 TPPWRIF - ok 11:31:44.0076 0x24a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 11:31:44.0161 0x24a4 TrkWks - ok 11:31:44.0234 0x24a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:31:44.0331 0x24a4 TrustedInstaller - ok 11:31:44.0390 0x24a4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:31:44.0418 0x24a4 tssecsrv - ok 11:31:44.0473 0x24a4 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:31:44.0499 0x24a4 TsUsbFlt - ok 11:31:44.0588 0x24a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:31:44.0671 0x24a4 tunnel - ok 11:31:44.0706 0x24a4 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7, CAA2385DCD65009E4AC4328675FBE7F6B8078FDE42F3369D70E2A37AE1827B90 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 11:31:44.0725 0x24a4 TurboB - ok 11:31:44.0762 0x24a4 [ B670DF651F00194434ADC6B326743709, 8074B79F7928236338C0BC3F15363E4110A07CF5965621673CB6516BBB734E7D ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 11:31:44.0796 0x24a4 TurboBoost - ok 11:31:44.0943 0x24a4 [ 4581A61AD590BC3CCDF2759D0BDD69FC, 1D48CC783CF6112B342C3C9A10A539C14FB1C22B5F019463DC22E60E88838023 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe 11:31:45.0067 0x24a4 TVT Backup Service - ok 11:31:45.0094 0x24a4 [ 4DAAE0413CD4E816258838E2FAFB3147, 7D45621A0148C2EEA4302A5852D9407DCEF1947936E9E840788F01625E869CDD ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys 11:31:45.0112 0x24a4 TVTI2C - ok 
11:31:45.0144 0x24a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 11:31:45.0169 0x24a4 uagp35 - ok 11:31:45.0214 0x24a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:31:45.0314 0x24a4 udfs - ok 11:31:45.0351 0x24a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:31:45.0380 0x24a4 UI0Detect - ok 11:31:45.0398 0x24a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:31:45.0424 0x24a4 uliagpkx - ok 11:31:45.0486 0x24a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:31:45.0518 0x24a4 umbus - ok 11:31:45.0535 0x24a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 11:31:45.0559 0x24a4 UmPass - ok 11:31:45.0625 0x24a4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 11:31:45.0672 0x24a4 UmRdpService - ok 11:31:45.0869 0x24a4 [ 792F2F9563996C374C4BE221518BC291, 8D3C7DCA63C91ACB54E53E68D80D51EEDF666A9E7E0E3770F49877C860B5EA90 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 11:31:46.0062 0x24a4 UNS - ok 11:31:46.0113 0x24a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 11:31:46.0227 0x24a4 upnphost - ok 11:31:46.0288 0x24a4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp 
C:\Windows\system32\DRIVERS\usbccgp.sys 11:31:46.0322 0x24a4 usbccgp - ok 11:31:46.0384 0x24a4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:31:46.0422 0x24a4 usbcir - ok 11:31:46.0437 0x24a4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 11:31:46.0463 0x24a4 usbehci - ok 11:31:46.0538 0x24a4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:31:46.0586 0x24a4 usbhub - ok 11:31:46.0644 0x24a4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:31:46.0668 0x24a4 usbohci - ok 11:31:46.0725 0x24a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:31:46.0758 0x24a4 usbprint - ok 11:31:46.0808 0x24a4 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:31:46.0898 0x24a4 USBSTOR - ok 11:31:46.0950 0x24a4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:31:46.0975 0x24a4 usbuhci - ok 11:31:47.0047 0x24a4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 11:31:47.0108 0x24a4 usbvideo - ok 11:31:47.0140 0x24a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 11:31:47.0221 0x24a4 UxSms - ok 11:31:47.0234 0x24a4 [ 54C0E3156872881F6AB017210278E27E, 
8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc C:\Windows\system32\lsass.exe 11:31:47.0258 0x24a4 VaultSvc - ok 11:31:47.0291 0x24a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:31:47.0315 0x24a4 vdrvroot - ok 11:31:47.0375 0x24a4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 11:31:47.0497 0x24a4 vds - ok 11:31:47.0526 0x24a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:31:47.0557 0x24a4 vga - ok 11:31:47.0583 0x24a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 11:31:47.0660 0x24a4 VgaSave - ok 11:31:47.0729 0x24a4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:31:47.0786 0x24a4 vhdmp - ok 11:31:47.0847 0x24a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 11:31:47.0871 0x24a4 viaide - ok 11:31:47.0940 0x24a4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 11:31:47.0985 0x24a4 vmbus - ok 11:31:48.0008 0x24a4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 11:31:48.0045 0x24a4 VMBusHID - ok 11:31:48.0065 0x24a4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:31:48.0092 0x24a4 volmgr - ok 11:31:48.0160 0x24a4 [ 
A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:31:48.0207 0x24a4 volmgrx - ok 11:31:48.0235 0x24a4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:31:48.0282 0x24a4 volsnap - ok 11:31:48.0333 0x24a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 11:31:48.0365 0x24a4 vsmraid - ok 11:31:48.0494 0x24a4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 11:31:48.0689 0x24a4 VSS - ok 11:31:48.0712 0x24a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 11:31:48.0743 0x24a4 vwifibus - ok 11:31:48.0778 0x24a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:31:48.0822 0x24a4 vwififlt - ok 11:31:48.0857 0x24a4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 11:31:48.0893 0x24a4 vwifimp - ok 11:31:48.0947 0x24a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 11:31:49.0057 0x24a4 W32Time - ok 11:31:49.0084 0x24a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 11:31:49.0111 0x24a4 WacomPen - ok 11:31:49.0198 0x24a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:31:49.0276 
0x24a4 WANARP - ok 11:31:49.0285 0x24a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:31:49.0361 0x24a4 Wanarpv6 - ok 11:31:49.0497 0x24a4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 11:31:49.0627 0x24a4 WatAdminSvc - ok 11:31:49.0769 0x24a4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 11:31:49.0903 0x24a4 wbengine - ok 11:31:49.0953 0x24a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:31:50.0013 0x24a4 WbioSrvc - ok 11:31:50.0065 0x24a4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:31:50.0141 0x24a4 wcncsvc - ok 11:31:50.0162 0x24a4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:31:50.0198 0x24a4 WcsPlugInService - ok 11:31:50.0233 0x24a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 11:31:50.0257 0x24a4 Wd - ok 11:31:50.0344 0x24a4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:31:50.0434 0x24a4 Wdf01000 - ok 11:31:50.0473 0x24a4 [ 4CD8E04173F5954EEC3704164591981D, B57CA43E119CCEB1167FE944585DE27EB334F6AFB69521518D9E1D7E2E86E259 ] wdf_usb C:\Windows\system32\DRIVERS\usb2ser.sys 11:31:50.0486 0x24a4 wdf_usb - detected UnsignedFile.Multi.Generic ( 1 ) 11:31:52.0940 0x24a4 Detect skipped due to KSN trusted 11:31:52.0940 0x24a4 wdf_usb - ok 
11:31:53.0001 0x24a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:31:53.0038 0x24a4 WdiServiceHost - ok 11:31:53.0048 0x24a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:31:53.0082 0x24a4 WdiSystemHost - ok 11:31:53.0149 0x24a4 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 11:31:53.0205 0x24a4 WebClient - ok 11:31:53.0243 0x24a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:31:53.0344 0x24a4 Wecsvc - ok 11:31:53.0363 0x24a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:31:53.0453 0x24a4 wercplsupport - ok 11:31:53.0484 0x24a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 11:31:53.0572 0x24a4 WerSvc - ok 11:31:53.0612 0x24a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:31:53.0690 0x24a4 WfpLwf - ok 11:31:53.0706 0x24a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:31:53.0729 0x24a4 WIMMount - ok 11:31:53.0934 0x24a4 [ 1EDBBF412A382550AF6EB35F5E46928E, 23FC32929913CF784A78C334D0B0E9D812EA6BDF70BB5C993DDE492CBEE8265E ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys 11:31:54.0003 0x24a4 winachsf - ok 11:31:54.0043 0x24a4 WinDefend - ok 11:31:54.0070 0x24a4 WinHttpAutoProxySvc - ok 11:31:54.0309 0x24a4 [ 19B07E7E8915D701225DA41CB3877306, 
D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:31:54.0404 0x24a4 Winmgmt - ok 11:31:54.0547 0x24a4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 11:31:54.0775 0x24a4 WinRM - ok 11:31:55.0007 0x24a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:31:55.0040 0x24a4 WinUsb - ok 11:31:55.0124 0x24a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 11:31:55.0226 0x24a4 Wlansvc - ok 11:31:55.0291 0x24a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:31:55.0317 0x24a4 WmiAcpi - ok 11:31:55.0353 0x24a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:31:55.0405 0x24a4 wmiApSrv - ok 11:31:55.0444 0x24a4 WMPNetworkSvc - ok 11:31:55.0476 0x24a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:31:55.0511 0x24a4 WPCSvc - ok 11:31:55.0553 0x24a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:31:55.0592 0x24a4 WPDBusEnum - ok 11:31:55.0628 0x24a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:31:55.0707 0x24a4 ws2ifsl - ok 11:31:55.0721 0x24a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 11:31:55.0764 0x24a4 wscsvc - ok 
11:31:55.0809 0x24a4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 11:31:55.0841 0x24a4 WSDPrintDevice - ok 11:31:55.0864 0x24a4 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 11:31:55.0888 0x24a4 WSDScan - ok 11:31:55.0893 0x24a4 WSearch - ok 11:31:56.0097 0x24a4 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll 11:31:56.0316 0x24a4 wuauserv - ok 11:31:56.0380 0x24a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:31:56.0411 0x24a4 WudfPf - ok 11:31:56.0450 0x24a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 11:31:56.0482 0x24a4 WUDFRd - ok 11:31:56.0533 0x24a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:31:56.0562 0x24a4 wudfsvc - ok 11:31:56.0628 0x24a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 11:31:56.0725 0x24a4 WwanSvc - ok 11:31:56.0783 0x24a4 [ E8F3FA126A06F8E7088F63757112A186, FC742ECA6DD823C5B17A514EC4473F65EE290FA6501370675B3628FD881A1C4B ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys 11:31:56.0802 0x24a4 XAudio - ok 11:31:57.0047 0x24a4 [ 9FA1347D0E96998C3793F51BB94D7AC3, D4C692E8313B96D03AB5A37C1CF15B7F7D8B76948555B4CFBA1ADA4D3E051C3B ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 11:31:57.0293 0x24a4 ZeroConfigService - ok 11:31:57.0406 0x24a4 ================ Scan global =============================== 
11:32:09.0465 0x24a4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
11:32:09.0615 0x24a4 Win FW state via NFP2: enabled ( trusted )
11:32:11.0990 0x24a4 ============================================================
11:32:11.0990 0x24a4 Scan finished
11:32:11.0990 0x24a4 ============================================================
11:32:12.0003 0x0f0c Detected object count: 1
11:32:12.0003 0x0f0c Actual detected object count: 1
11:32:23.0215 0x0f0c Service KMSELDI ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:23.0215 0x0f0c Service KMSELDI ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:34:26.0007 0x1d14 Deinitialize success |
17.05.2016, 11:10 | #5 |
/// TB-Ausbilder | Windows 7 Professional: Browser infected with malware: "klicken sie hier um weiter mit advertise" You have at least one piece of illegal/cracked software on your computer: Microsoft Office. Reading material: Illegal software: cracks, keygens and co. Please read => http://www.trojaner-board.de/95393-c...-software.html We will continue once you have removed everything illegal. In case of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system. |
20.05.2016, 23:04 | #6 |
/// TB-Ausbilder | Windows 7 Professional: Browser infected with malware: "klicken sie hier um weiter mit advertise" Missing feedback. This topic has been removed from my subscriptions, so I will not receive notifications about new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread! |