|
Pests of all kinds and how to fight them: WIN32/Systweak.l
Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
26.06.2016, 08:53 | #1 |
| WIN32/Systweak.l Hello, I ran ESETSMARTINSTALLER on my laptop with WIN7, SP1. The result was 1 threat named WIN32/Systweak.l, a possible threat. MBAM finds nothing. I have not installed anything. Should I remove it, and if so, how do I do that correctly? Many thanks in advance! Robert Last edited by PanSolo (26.06.2016 at 09:23) |
26.06.2016, 12:41 | #2 |
/// TB-Ausbilder | WIN32/Systweak.l
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please post the log file from ESET. For an initial analysis, please also run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
26.06.2016, 13:16 | #3 |
| WIN32/Systweak.l TDSSKiller:
- ok 14:07:55.0562 0x214c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:07:55.0579 0x214c hcw85cir - ok 14:07:55.0590 0x214c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:07:55.0617 0x214c HdAudAddService - ok 14:07:55.0622 0x214c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 14:07:55.0644 0x214c HDAudBus - ok 14:07:55.0648 0x214c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 14:07:55.0665 0x214c HidBatt - ok 14:07:55.0670 0x214c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 14:07:55.0690 0x214c HidBth - ok 14:07:55.0694 0x214c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 14:07:55.0714 0x214c HidIr - ok 14:07:55.0717 0x214c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 14:07:55.0743 0x214c hidserv - ok 14:07:55.0747 0x214c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:07:55.0764 0x214c HidUsb - ok 14:07:55.0768 0x214c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:07:55.0795 0x214c hkmsvc - ok 14:07:55.0804 0x214c [ 48CE2D2864B372AF170C0FDFADC27887, CC50A375F82036A4BEEC01B61668838ED36371B5F68B5898591EDF61AED036E8 ] hmpalert 
C:\Windows\system32\drivers\hmpalert.sys 14:07:55.0824 0x214c hmpalert - ok 14:07:55.0906 0x214c [ 7F6CB19F83D7F4EB10394A17EB266622, E8EF7C0459DF9CDBEEC1C5E70A20146D5B3E0394D55170BE2687A40981078FD5 ] hmpalertsvc C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 14:07:55.0987 0x214c hmpalertsvc - ok 14:07:55.0996 0x214c [ 796DF7E2082B4B0320B21639D475768A, 88BECC17C5D0E026FB3241DE104582D66267B632CBDF9D3E1AC03E94F7BC2465 ] hmpnet C:\Windows\system32\drivers\hmpnet.sys 14:07:56.0012 0x214c hmpnet - ok 14:07:56.0020 0x214c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:07:56.0034 0x214c HomeGroupListener - ok 14:07:56.0041 0x214c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:07:56.0055 0x214c HomeGroupProvider - ok 14:07:56.0067 0x214c [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 14:07:56.0074 0x214c hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 ) 14:07:56.0177 0x214c Detect skipped due to KSN trusted 14:07:56.0177 0x214c hpqcxs08 - ok 14:07:56.0186 0x214c [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 14:07:56.0191 0x214c hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 ) 14:07:56.0669 0x214c Detect skipped due to KSN trusted 14:07:56.0669 0x214c hpqddsvc - ok 14:07:56.0674 0x214c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:07:56.0691 0x214c HpSAMD - ok 14:07:56.0720 0x214c [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program 
Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 14:07:56.0744 0x214c HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 ) 14:07:56.0849 0x214c Detect skipped due to KSN trusted 14:07:56.0849 0x214c HPSLPSVC - ok 14:07:56.0873 0x214c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:07:56.0910 0x214c HTTP - ok 14:07:56.0915 0x214c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:07:56.0930 0x214c hwpolicy - ok 14:07:56.0935 0x214c [ 9149907FF8681AD6475607EEBF62DD2F, F3F766ED689BCD69DC8BC705FF08BE9830B562D8CB85AD74A12FE370F5DA9668 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe 14:07:56.0944 0x214c HyperW7Svc - ok 14:07:56.0949 0x214c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 14:07:56.0970 0x214c i8042prt - ok 14:07:56.0986 0x214c [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 14:07:57.0015 0x214c iaStor - ok 14:07:57.0027 0x214c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:07:57.0053 0x214c iaStorV - ok 14:07:57.0058 0x214c [ 6503A3910E6117C09686428E4AF51857, B5E214981BBA07F014ADD93183DAE960E9E11E79EBA62CDD7BFDD7EDEC40760C ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 14:07:57.0076 0x214c IBMPMDRV - ok 14:07:57.0083 0x214c [ 7989803615931F0664750C4C67C54238, 992C49982F89C3B07756E5D5241CAD76F21B14C8209357EA5FA8F49256DA703C ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 14:07:57.0096 0x214c IBMPMSVC - ok 14:07:57.0103 0x214c [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS 
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 14:07:57.0114 0x214c ICCS - ok 14:07:57.0136 0x214c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:07:57.0161 0x214c idsvc - ok 14:07:57.0165 0x214c IEEtwCollectorService - ok 14:07:57.0275 0x214c [ E294EA00A7B5616215C0A3DFB8BF3A6D, F7E20695EF0A9E4F6C30F86823BBF24CE7CBDE9432958A1D98E82E62DCCCB167 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 14:07:57.0381 0x214c igfx - ok 14:07:57.0392 0x214c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 14:07:57.0408 0x214c iirsp - ok 14:07:57.0429 0x214c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 14:07:57.0455 0x214c IKEEXT - ok 14:07:57.0463 0x214c [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 14:07:57.0482 0x214c intaud_WaveExtensible - ok 14:07:57.0493 0x214c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 14:07:57.0509 0x214c IntcDAud - ok 14:07:57.0512 0x214c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 14:07:57.0528 0x214c intelide - ok 14:07:57.0533 0x214c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:07:57.0552 0x214c intelppm - ok 14:07:57.0557 0x214c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] 
IPBusEnum C:\Windows\system32\ipbusenum.dll 14:07:57.0584 0x214c IPBusEnum - ok 14:07:57.0589 0x214c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:07:57.0621 0x214c IpFilterDriver - ok 14:07:57.0636 0x214c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:07:57.0657 0x214c iphlpsvc - ok 14:07:57.0662 0x214c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:07:57.0681 0x214c IPMIDRV - ok 14:07:57.0686 0x214c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:07:57.0720 0x214c IPNAT - ok 14:07:57.0739 0x214c [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 14:07:57.0758 0x214c iPod Service - ok 14:07:57.0762 0x214c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:07:57.0781 0x214c IRENUM - ok 14:07:57.0784 0x214c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:07:57.0800 0x214c isapnp - ok 14:07:57.0808 0x214c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:07:57.0830 0x214c iScsiPrt - ok 14:07:57.0837 0x214c [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys 14:07:57.0852 0x214c iwdbus - ok 14:07:57.0860 0x214c [ BD7C4C575FF1A0E47B346890998FE72F, 
ED80337E85AC149C8BF6A9ABDF2D281BE173375F04277567AFA607B3B683ED71 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 14:07:57.0872 0x214c jhi_service - ok 14:07:57.0876 0x214c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:07:57.0892 0x214c kbdclass - ok 14:07:57.0896 0x214c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:07:57.0913 0x214c kbdhid - ok 14:07:57.0916 0x214c [ A836A81E333B9AC8D5EA62B36B7A6CD9, D8EEB77A6DA2BF483E36F142AE3D8BCE4DE41ACD70122E90B5EFE86DDE449BC0 ] KeyIso C:\Windows\system32\lsass.exe 14:07:57.0927 0x214c KeyIso - ok 14:07:57.0932 0x214c [ 5BBD8497E3E19128FFA06B7CCA5CC717, 93F64FB0848F25976EA3A2C198B23B496A15249005DE0D6339EEC41C9EB096B8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:07:57.0948 0x214c KSecDD - ok 14:07:57.0954 0x214c [ 326D48841B92CB8E8B6B1308311B5727, C6E2B8D1F6F18BC1D72C20E4EE71D1C41EC2B5734B1128C4358E9240470C7331 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:07:57.0972 0x214c KSecPkg - ok 14:07:57.0976 0x214c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:07:58.0007 0x214c ksthunk - ok 14:07:58.0018 0x214c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 14:07:58.0050 0x214c KtmRm - ok 14:07:58.0056 0x214c [ F761A831C9DC8D0204B7FB43E3A896B7, 9739FC721C774C0C754D0E558D39A77FF8B976CC98C044CB4D16446A9AF3E0A1 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys 14:07:58.0065 0x214c l36wgps - ok 14:07:58.0072 0x214c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:07:58.0102 0x214c 
LanmanServer - ok 14:07:58.0108 0x214c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:07:58.0135 0x214c LanmanWorkstation - ok 14:07:58.0155 0x214c [ B28F352952FC7B77A06DCFF01CBF8131, DAC90126613D2BE9E95E8884444A984D08BAC8A1B37571C54EB9B228EF7EEA24 ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe 14:07:58.0173 0x214c Lenovo EasyPlus Hotspot - ok 14:07:58.0178 0x214c [ 403F6798A847D9F98B650D27D0FA3FD3, D69314309E251C74D77CDEF1DED7A4E83788871FA723D0D74B9FE5BAA89F9998 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 14:07:58.0186 0x214c LENOVO.CAMMUTE - ok 14:07:58.0192 0x214c [ A062A18F4F792534F898AEB3BD723D01, 4B620E9BBADAC69F4F116F19BA00B07E49F01DE0516A6091772E8515A8636B72 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 14:07:58.0201 0x214c LENOVO.MICMUTE - ok 14:07:58.0204 0x214c [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys 14:07:58.0218 0x214c lenovo.smi - ok 14:07:58.0222 0x214c [ 00F2E095C36199D8BF14A8E40CDBC2D0, A7E048E496056E7554F9BB2CA71374820821371F39D5BE22C88285D412E2FCBE ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 14:07:58.0230 0x214c LENOVO.TPKNRSVC - ok 14:07:58.0234 0x214c [ 6F2CC57EB5836D2AC9BD37F3554D55F8, C877F63AACA68AD3505EC4A8B8916FA2E07C2CB29E74FA368A103F612E18499E ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 14:07:58.0242 0x214c Lenovo.VIRTSCRLSVC - ok 14:07:58.0246 0x214c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:07:58.0278 0x214c lltdio - ok 14:07:58.0288 0x214c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc 
C:\Windows\System32\lltdsvc.dll 14:07:58.0319 0x214c lltdsvc - ok 14:07:58.0323 0x214c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:07:58.0348 0x214c lmhosts - ok 14:07:58.0358 0x214c [ A41FDFC6618B688E403440E2E6252504, D8DDE0B6167F0176FCEBCF3CD50717B3A48862EDAECEA1693921F577C48427DE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:07:58.0372 0x214c LMS - ok 14:07:58.0393 0x214c [ FEBD1A5F4A7BDBC0B8CD0E9B23A0EFC5, 5C4B7263D8E3A1D4623CBD16F5C7819956F9BC084180C62F8B4FFE974C1D078B ] LPlatSvc C:\Windows\system32\LPlatSvc.exe 14:07:58.0415 0x214c LPlatSvc - ok 14:07:58.0430 0x214c [ 5F2C900A90848BCBF8650D5D3F1BDA88, 9FCDA71C2C9F827255A47A973C60D6DBA167EDA702320CA581A2F70FF2B7AD00 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe 14:07:58.0446 0x214c LSC.Services.SystemService - ok 14:07:58.0451 0x214c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:07:58.0468 0x214c LSI_FC - ok 14:07:58.0473 0x214c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:07:58.0491 0x214c LSI_SAS - ok 14:07:58.0495 0x214c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:07:58.0511 0x214c LSI_SAS2 - ok 14:07:58.0517 0x214c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:07:58.0534 0x214c LSI_SCSI - ok 14:07:58.0538 0x214c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 14:07:58.0573 
0x214c luafv - ok 14:07:58.0577 0x214c [ 0CC0E238C431F699C13FD47202B7E265, A2FE971BC708FBE5C384AC9C7FD83899F2EE4456C2974A36E89FF28210893B59 ] MacheenService C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe 14:07:58.0585 0x214c MacheenService - ok 14:07:58.0605 0x214c [ 94A5E35D81C121A74E6AC4DC58AA869B, 46C3902EC86E69A78EEA3E27C902165BA88EBD97553F85FF782458B29B58D37D ] MbaeSvc C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe 14:07:58.0625 0x214c MbaeSvc - ok 14:07:58.0638 0x214c [ D8BA1ECBF0B9A4B4E1F3B7EB517D6C20, 9A72B2FAE2E39D1F7E73DD55888D30AAE46BDC5294A5EA558AF00CABF1C20D5B ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys 14:07:58.0662 0x214c Mbm3CBus - ok 14:07:58.0675 0x214c [ 01E60917101B309E15F30DA26ACF64F6, 141BBBCA6A2E20A1AF242483F98E03401A956C691177EBCC1946D87736B42D59 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys 14:07:58.0690 0x214c Mbm3DevMt - ok 14:07:58.0693 0x214c [ 6350A2CA21FB7B14432EFFDC61863AED, C2C051E155455AD57219C1E8689B51D736FB50876BE10F3770B0560BF27C538B ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys 14:07:58.0707 0x214c Mbm3mdfl - ok 14:07:58.0721 0x214c [ 9FC3A8713D148E15D0472E1C44DD0FDA, A36FF9787477E7D1F9C202B7D87A701114B76B6A796A89D6D199D351CC040622 ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys 14:07:58.0749 0x214c Mbm3Mdm - ok 14:07:58.0755 0x214c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:07:58.0767 0x214c Mcx2Svc - ok 14:07:58.0771 0x214c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:07:58.0787 0x214c megasas - ok 14:07:58.0796 0x214c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:07:58.0817 0x214c MegaSR - ok 14:07:58.0822 0x214c [ 6EA2F13DEAF130753F6FC19AFFFF94A8, 
ADA5BA2DBCD58372918FD278834B2E13FE0F73E200A2E747AB7B123C31E46825 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 14:07:58.0838 0x214c MEIx64 - ok 14:07:58.0842 0x214c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 14:07:58.0869 0x214c MMCSS - ok 14:07:58.0873 0x214c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 14:07:58.0906 0x214c Modem - ok 14:07:58.0910 0x214c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:07:58.0929 0x214c monitor - ok 14:07:58.0933 0x214c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:07:58.0948 0x214c mouclass - ok 14:07:58.0952 0x214c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:07:58.0969 0x214c mouhid - ok 14:07:58.0974 0x214c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:07:58.0991 0x214c mountmgr - ok 14:07:58.0999 0x214c [ A62B2E296BCDC105EB5B24A21CF4188A, AB491D65DBDB555EFDE7A5622CDF8F2809476A33449C4CF6AB3A07D1A6CBB0BB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:07:59.0010 0x214c MozillaMaintenance - ok 14:07:59.0016 0x214c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 14:07:59.0035 0x214c mpio - ok 14:07:59.0039 0x214c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 
14:07:59.0072 0x214c mpsdrv - ok 14:07:59.0093 0x214c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:07:59.0133 0x214c MpsSvc - ok 14:07:59.0140 0x214c [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:07:59.0160 0x214c MRxDAV - ok 14:07:59.0166 0x214c [ E8B2BE69999B74528DFD454F62ADA978, C48652D66E470DDFBBB11E6EC80A775B2227AA8F3EBD0728665B0589F16A9E24 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:07:59.0187 0x214c mrxsmb - ok 14:07:59.0196 0x214c [ 8F3B145F690B36201CF2F468D8FF02B9, 09204FA8E47BBDD7D801A3BF57BF6AE14C57F6EED83209BDBAF1AAF9DCF352D4 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:07:59.0219 0x214c mrxsmb10 - ok 14:07:59.0225 0x214c [ 5ECCDFFA286EA61CBCC17D3E733A9951, 20500F6918EADA34D65999E7A218F103F58784481BFD7DC15BF351CCFA79BE8B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:07:59.0244 0x214c mrxsmb20 - ok 14:07:59.0248 0x214c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 14:07:59.0263 0x214c msahci - ok 14:07:59.0268 0x214c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:07:59.0287 0x214c msdsm - ok 14:07:59.0292 0x214c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 14:07:59.0306 0x214c MSDTC - ok 14:07:59.0312 0x214c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:07:59.0344 0x214c Msfs - ok 14:07:59.0347 0x214c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf 
C:\Windows\System32\drivers\mshidkmdf.sys 14:07:59.0378 0x214c mshidkmdf - ok 14:07:59.0382 0x214c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:07:59.0396 0x214c msisadrv - ok 14:07:59.0403 0x214c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:07:59.0431 0x214c MSiSCSI - ok 14:07:59.0433 0x214c msiserver - ok 14:07:59.0437 0x214c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:07:59.0468 0x214c MSKSSRV - ok 14:07:59.0471 0x214c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:07:59.0502 0x214c MSPCLOCK - ok 14:07:59.0505 0x214c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:07:59.0536 0x214c MSPQM - ok 14:07:59.0547 0x214c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:07:59.0572 0x214c MsRPC - ok 14:07:59.0577 0x214c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:07:59.0592 0x214c mssmbios - ok 14:07:59.0595 0x214c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:07:59.0626 0x214c MSTEE - ok 14:07:59.0629 0x214c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:07:59.0645 0x214c MTConfig - ok 14:07:59.0650 0x214c [ 
F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 14:07:59.0666 0x214c Mup - ok 14:07:59.0674 0x214c [ FAA1B47AEADDB64CB9A4D31A894AA8F8, 4FDE81AF3B5C2C6652A14E97BD763275704AA13FF5691002CF1197055E4B039C ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 14:07:59.0687 0x214c MyWiFiDHCPDNS - ok 14:07:59.0700 0x214c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 14:07:59.0734 0x214c napagent - ok 14:07:59.0744 0x214c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:07:59.0771 0x214c NativeWifiP - ok 14:07:59.0795 0x214c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:07:59.0835 0x214c NDIS - ok 14:07:59.0839 0x214c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:07:59.0873 0x214c NdisCap - ok 14:07:59.0876 0x214c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:07:59.0908 0x214c NdisTapi - ok 14:07:59.0913 0x214c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:07:59.0945 0x214c Ndisuio - ok 14:07:59.0952 0x214c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:07:59.0987 0x214c NdisWan - ok 14:07:59.0991 0x214c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy 
C:\Windows\system32\drivers\NDProxy.sys 14:08:00.0024 0x214c NDProxy - ok 14:08:00.0030 0x214c [ C3A9A4EDB8842884F888BE669834F3D1, D0F3C8500A9AD82149E82258258F55894662E70BFE7C73CA623DDF9BD059E2C4 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 14:08:00.0035 0x214c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 14:08:02.0941 0x214c Detect skipped due to KSN trusted 14:08:02.0941 0x214c Net Driver HPZ12 - ok 14:08:02.0946 0x214c [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 14:08:02.0957 0x214c Netaapl - ok 14:08:02.0960 0x214c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:08:02.0993 0x214c NetBIOS - ok 14:08:03.0002 0x214c [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:08:03.0024 0x214c NetBT - ok 14:08:03.0028 0x214c [ A836A81E333B9AC8D5EA62B36B7A6CD9, D8EEB77A6DA2BF483E36F142AE3D8BCE4DE41ACD70122E90B5EFE86DDE449BC0 ] Netlogon C:\Windows\system32\lsass.exe 14:08:03.0039 0x214c Netlogon - ok 14:08:03.0049 0x214c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll |
26.06.2016, 13:17 | #4 |
| WIN32/Systweak.l Code:
14:08:05.0079 0x214c pla - ok 14:08:05.0093 0x214c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:08:05.0111 0x214c PlugPlay - ok 14:08:05.0118 0x214c [ C203F2064F6AEA4C902C86B1E40F3D1B, DA6846CC64299BFC8056A791394A0BE1F077E72429C78980FF035DD2F78ABF4E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 14:08:05.0123 0x214c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 14:08:05.0205 0x214c Detect skipped due to KSN trusted 14:08:05.0205 0x214c Pml Driver HPZ12 - ok 14:08:05.0209 0x214c [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys 14:08:05.0225 0x214c pmxdrv - ok 14:08:05.0229 0x214c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:08:05.0241 0x214c PNRPAutoReg - ok 14:08:05.0250 0x214c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:08:05.0266 0x214c PNRPsvc - ok 14:08:05.0281 0x214c [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:08:05.0301 0x214c PolicyAgent - ok 14:08:05.0311 0x214c [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll 14:08:05.0325 0x214c Power - ok 14:08:05.0365 0x214c [ 3E1BA96F0B2E07117AD0E81C2B685E32, 8E6C45C1222D3C5442ECCE5E29B1023DDEB1E457FE86267A1DDEF8ED06ADDB3B ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 14:08:05.0402 0x214c Power Manager DBC Service - ok 14:08:05.0409 0x214c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport 
C:\Windows\system32\DRIVERS\raspptp.sys 14:08:05.0444 0x214c PptpMiniport - ok 14:08:05.0448 0x214c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:08:05.0466 0x214c Processor - ok 14:08:05.0473 0x214c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 14:08:05.0487 0x214c ProfSvc - ok 14:08:05.0490 0x214c [ A836A81E333B9AC8D5EA62B36B7A6CD9, D8EEB77A6DA2BF483E36F142AE3D8BCE4DE41ACD70122E90B5EFE86DDE449BC0 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:08:05.0501 0x214c ProtectedStorage - ok 14:08:05.0505 0x214c [ 515A7C5A0886FCC60901916785EFD549, B9B7C39CDBFC3860752C305433EADBC594AC2EEC66818E91F4AA779915A3A21C ] psadd C:\Windows\system32\DRIVERS\psadd.sys 14:08:05.0520 0x214c psadd - ok 14:08:05.0526 0x214c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:08:05.0560 0x214c Psched - ok 14:08:05.0567 0x214c [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 14:08:05.0577 0x214c PSI_SVC_2 - ok 14:08:05.0612 0x214c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:08:05.0668 0x214c ql2300 - ok 14:08:05.0676 0x214c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:08:05.0694 0x214c ql40xx - ok 14:08:05.0702 0x214c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 14:08:05.0720 0x214c QWAVE - ok 14:08:05.0724 0x214c [ 
76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:08:05.0744 0x214c QWAVEdrv - ok 14:08:05.0747 0x214c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:08:05.0778 0x214c RasAcd - ok 14:08:05.0783 0x214c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:08:05.0815 0x214c RasAgileVpn - ok 14:08:05.0821 0x214c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 14:08:05.0849 0x214c RasAuto - ok 14:08:05.0856 0x214c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:08:05.0890 0x214c Rasl2tp - ok 14:08:05.0900 0x214c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 14:08:05.0935 0x214c RasMan - ok 14:08:05.0941 0x214c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:08:05.0974 0x214c RasPppoe - ok 14:08:05.0979 0x214c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:08:06.0012 0x214c RasSstp - ok 14:08:06.0022 0x214c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:08:06.0061 0x214c rdbss - ok 14:08:06.0065 0x214c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 
14:08:06.0083 0x214c rdpbus - ok 14:08:06.0086 0x214c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:08:06.0118 0x214c RDPCDD - ok 14:08:06.0126 0x214c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 14:08:06.0146 0x214c RDPDR - ok 14:08:06.0152 0x214c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:08:06.0186 0x214c RDPENCDD - ok 14:08:06.0191 0x214c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:08:06.0222 0x214c RDPREFMP - ok 14:08:06.0229 0x214c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 14:08:06.0246 0x214c RdpVideoMiniport - ok 14:08:06.0253 0x214c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:08:06.0277 0x214c RDPWD - ok 14:08:06.0285 0x214c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:08:06.0323 0x214c rdyboost - ok 14:08:06.0333 0x214c [ B16782353A0FF62FF4E92145FC9FEDDA, 45E28A34CD115574C8E315EB51F33DD88E3DB178736294036C8B00C3386158A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 14:08:06.0343 0x214c RegSrvc - ok 14:08:06.0349 0x214c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:08:06.0377 0x214c RemoteAccess - ok 14:08:06.0384 0x214c [ E4D94F24081440B5FC5AA556C7C62702, 
147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:08:06.0413 0x214c RemoteRegistry - ok 14:08:06.0421 0x214c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 14:08:06.0444 0x214c RFCOMM - ok 14:08:06.0450 0x214c [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 14:08:06.0466 0x214c RimUsb - ok 14:08:06.0469 0x214c [ A8C0368EF257B84D4E5A174FB999F7D2, D2B4FCD6B4BBA9DEBFAF24629E518211E913BC9B4D07F72BA5DA99CF4DCA6ABB ] rimvndis C:\Windows\system32\Drivers\rimvndis6_AMD64.sys 14:08:06.0486 0x214c rimvndis - ok 14:08:06.0490 0x214c [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 14:08:06.0507 0x214c RimVSerPort - ok 14:08:06.0512 0x214c [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys 14:08:06.0530 0x214c risdxc - ok 14:08:06.0533 0x214c [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 14:08:06.0564 0x214c ROOTMODEM - ok 14:08:06.0570 0x214c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:08:06.0597 0x214c RpcEptMapper - ok 14:08:06.0600 0x214c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 14:08:06.0612 0x214c RpcLocator - ok 14:08:06.0626 0x214c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll 
14:08:06.0647 0x214c RpcSs - ok 14:08:06.0652 0x214c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:08:06.0686 0x214c rspndr - ok 14:08:06.0690 0x214c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 14:08:06.0706 0x214c s3cap - ok 14:08:06.0709 0x214c [ A836A81E333B9AC8D5EA62B36B7A6CD9, D8EEB77A6DA2BF483E36F142AE3D8BCE4DE41ACD70122E90B5EFE86DDE449BC0 ] SamSs C:\Windows\system32\lsass.exe 14:08:06.0721 0x214c SamSs - ok 14:08:06.0723 0x214c SAService - ok 14:08:06.0728 0x214c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:08:06.0746 0x214c sbp2port - ok 14:08:06.0754 0x214c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:08:06.0784 0x214c SCardSvr - ok 14:08:06.0789 0x214c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:08:06.0820 0x214c scfilter - ok 14:08:06.0847 0x214c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 14:08:06.0878 0x214c Schedule - ok 14:08:06.0885 0x214c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 14:08:06.0911 0x214c SCPolicySvc - ok 14:08:06.0917 0x214c [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys 14:08:06.0938 0x214c sdbus - ok 14:08:06.0946 0x214c [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:08:06.0960 0x214c SDRSVC - ok 14:08:07.0001 0x214c [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 14:08:07.0039 0x214c SDScannerService - ok 14:08:07.0088 0x214c [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 14:08:07.0132 0x214c SDUpdateService - ok 14:08:07.0143 0x214c [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 14:08:07.0154 0x214c SDWSCService - ok 14:08:07.0160 0x214c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:08:07.0179 0x214c secdrv - ok 14:08:07.0182 0x214c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 14:08:07.0194 0x214c seclogon - ok 14:08:07.0199 0x214c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 14:08:07.0227 0x214c SENS - ok 14:08:07.0231 0x214c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:08:07.0243 0x214c SensrSvc - ok 14:08:07.0247 0x214c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:08:07.0264 0x214c Serenum - ok 14:08:07.0268 0x214c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] 
Serial C:\Windows\system32\DRIVERS\serial.sys 14:08:07.0287 0x214c Serial - ok 14:08:07.0291 0x214c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:08:07.0308 0x214c sermouse - ok 14:08:07.0317 0x214c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 14:08:07.0345 0x214c SessionEnv - ok 14:08:07.0348 0x214c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:08:07.0366 0x214c sffdisk - ok 14:08:07.0370 0x214c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:08:07.0388 0x214c sffp_mmc - ok 14:08:07.0391 0x214c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:08:07.0409 0x214c sffp_sd - ok 14:08:07.0413 0x214c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 14:08:07.0429 0x214c sfloppy - ok 14:08:07.0440 0x214c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:08:07.0472 0x214c SharedAccess - ok 14:08:07.0479 0x214c [ 79C05C44012998A0C90E17F627BF5734, 735806210108BB0FBF1B4864FA13C8863AE07283749A13BBE2EADCE5A1476DEC ] ShareItSvc C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe 14:08:07.0487 0x214c ShareItSvc - ok 14:08:07.0498 0x214c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:08:07.0531 0x214c ShellHWDetection - ok 14:08:07.0538 0x214c [ 
380B52126E62C6C2D3C8BA805AADFDC7, 7F59B04A7449523838D9746AA8E3B38E8860FB8D0B62A0CA02358DC9A980BD18 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys 14:08:07.0548 0x214c Shockprf - ok 14:08:07.0551 0x214c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:08:07.0567 0x214c SiSRaid2 - ok 14:08:07.0572 0x214c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 14:08:07.0588 0x214c SiSRaid4 - ok 14:08:07.0600 0x214c [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:08:07.0615 0x214c SkypeUpdate - ok 14:08:07.0620 0x214c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:08:07.0658 0x214c Smb - ok 14:08:07.0663 0x214c [ 7956FD22F1AC83057630975D2B9AA452, ACBA47559D97B1B3FBDD7D9C7F13918EA00D63D9194642692E89E05B2D304BDE ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 14:08:07.0674 0x214c SmbDrvI - ok 14:08:07.0680 0x214c [ 3BC2844AF786CA422CC31D505ACFA9F2, 38936490E2F404FC1235D8C6C7E87809E2935057041CBE884D887B0A69A47279 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 14:08:07.0695 0x214c smihlp - ok 14:08:07.0707 0x214c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:08:07.0720 0x214c SNMPTRAP - ok 14:08:07.0723 0x214c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 14:08:07.0738 0x214c spldr - ok 14:08:07.0754 0x214c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler 
C:\Windows\System32\spoolsv.exe 14:08:07.0775 0x214c Spooler - ok 14:08:07.0846 0x214c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 14:08:07.0935 0x214c sppsvc - ok 14:08:07.0943 0x214c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:08:07.0970 0x214c sppuinotify - ok 14:08:07.0985 0x214c [ C8832DEA7AF7AD005548F1F5C7C086EB, 0D3DA9CE653D7750647BF50658B731E986AFDC7477C08B794FF12C5A485B4648 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe 14:08:07.0999 0x214c SROSVC - ok 14:08:08.0013 0x214c [ F2F4B895296EE3ECCE781CC2A296A5D1, 126321EDDA8141A42DBE7C90675948433063E6D5B6DEFD805AA0797C95A461EE ] srv C:\Windows\system32\DRIVERS\srv.sys 14:08:08.0040 0x214c srv - ok 14:08:08.0053 0x214c [ FD0008BEDD2723170CCA7D61837DFD52, F9F576FA7B84CAB5180B9080D62B8A00B3E5D5BC73199B11C63193742529227D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:08:08.0081 0x214c srv2 - ok 14:08:08.0091 0x214c [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 14:08:08.0115 0x214c SrvHsfHDA - ok 14:08:08.0148 0x214c [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 14:08:08.0202 0x214c SrvHsfV92 - ok 14:08:08.0222 0x214c [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 14:08:08.0258 0x214c SrvHsfWinac - ok 14:08:08.0266 0x214c [ 63B5845D9379262083655D5C6AB8DFC5, 1813D2FC41ADCDAC6E3A522373B9DB934CC27B89E7185E0E4FC26E30CDAF1523 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:08:08.0286 0x214c srvnet - ok 14:08:08.0294 0x214c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 
2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:08:08.0325 0x214c SSDPSRV - ok 14:08:08.0330 0x214c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 14:08:08.0358 0x214c SstpSvc - ok 14:08:08.0362 0x214c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 14:08:08.0378 0x214c stexstor - ok 14:08:08.0381 0x214c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 14:08:08.0398 0x214c StillCam - ok 14:08:08.0413 0x214c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 14:08:08.0439 0x214c stisvc - ok 14:08:08.0444 0x214c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 14:08:08.0461 0x214c storflt - ok 14:08:08.0465 0x214c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 14:08:08.0477 0x214c StorSvc - ok 14:08:08.0481 0x214c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 14:08:08.0497 0x214c storvsc - ok 14:08:08.0504 0x214c [ 71303975843CC57EE49A01A67C4A0765, 385A327A1F71644349FBBE932903E9F46F6C7C2AA218E07D86A55F3E22E0E772 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe 14:08:08.0513 0x214c SUService - ok 14:08:08.0516 0x214c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 14:08:08.0531 0x214c swenum - ok 
14:08:08.0546 0x214c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 14:08:08.0581 0x214c swprv - ok 14:08:08.0596 0x214c [ AFB9FC97DAC435B588EACD63C3174DAA, FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 14:08:08.0612 0x214c SynTP - ok 14:08:08.0651 0x214c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 14:08:08.0693 0x214c SysMain - ok 14:08:08.0700 0x214c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:08:08.0717 0x214c TabletInputService - ok 14:08:08.0721 0x214c [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 14:08:08.0737 0x214c tap0901 - ok 14:08:08.0747 0x214c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 14:08:08.0779 0x214c TapiSrv - ok 14:08:08.0785 0x214c [ 8DDC7B23BEA4EFDB0683D25549E93A57, E37CAE7210AAEFD44830CB619693266C2E6A23FDD2C3A699A3ED9779DC156F4A ] tapse01 C:\Windows\system32\DRIVERS\tapse01.sys 14:08:08.0800 0x214c tapse01 - ok 14:08:08.0842 0x214c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:08:08.0905 0x214c Tcpip - ok 14:08:08.0950 0x214c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:08:09.0013 0x214c TCPIP6 - ok 14:08:09.0020 0x214c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 
14:08:09.0037 0x214c tcpipreg - ok 14:08:09.0042 0x214c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:08:09.0058 0x214c TDPIPE - ok 14:08:09.0062 0x214c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:08:09.0078 0x214c TDTCP - ok 14:08:09.0083 0x214c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 14:08:09.0102 0x214c tdx - ok 14:08:09.0218 0x214c [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 14:08:09.0323 0x214c TeamViewer - ok 14:08:09.0333 0x214c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 14:08:09.0349 0x214c TermDD - ok 14:08:09.0367 0x214c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 14:08:09.0390 0x214c TermService - ok 14:08:09.0394 0x214c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 14:08:09.0409 0x214c Themes - ok 14:08:09.0414 0x214c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 14:08:09.0441 0x214c THREADORDER - ok 14:08:09.0445 0x214c [ 5523C729F1ED31B63C88490AF3D220FA, 3172801BD47E053B2D6F94843342A7BB58EF3A5196F5F35E6A5FA331793C7004 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 14:08:09.0459 0x214c TPDIGIMN - ok 14:08:09.0462 0x214c [ ECB098A3404ACB8A05F0673DC086BB43, 
14:08:16.0372 0x214c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
14:08:16.0375 0x214c Win FW state via NFP2: enabled ( trusted )
14:08:16.0541 0x214c ============================================================
14:08:16.0541 0x214c Scan finished
14:08:16.0541 0x214c ============================================================
14:08:16.0547 0x1bbc Detected object count: 0
14:08:16.0547 0x1bbc Actual detected object count: 0
26.06.2016, 13:17 | #5 |
| WIN32/Systweak.l FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 01 durchgeführt von ***** (Administrator) auf *****-THINK (26-06-2016 14:03:06) Gestartet von C:\Users\*****\Desktop Geladene Profile: ***** (Verfügbare Profile: ***** & Robert ***** & DefaultAppPool) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Conexant Systems Inc.) 
C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (ArcSoft, Inc.) C:\Program Files (x86)\MSI\ArcSoft TotalMedia\TMMonitor.exe (Ricoh co.,Ltd.) 
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Data Perceptions / PowerProgrammer) C:\Windows\SysWOW64\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63656 2016-02-19] (Lenovo)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2013-03-05] (Authentec Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-07-02] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [MobileAccess] => C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155424 2012-07-10] (Lenovo)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2066432 2014-10-31] (iSkySoft)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-11] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-03-21] ()
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-06-02] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3260024445-841682204-2698663456-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-3260024445-841682204-2698663456-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-05] (Microsoft Corporation)
Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-02]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-07-02]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\MSI\ArcSoft TotalMedia\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Robert *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5E2C735F-82C3-46DD-9DB9-1DDACEF3CB0F}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3260024445-841682204-2698663456-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de
HKU\S-1-5-21-3260024445-841682204-2698663456-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
SearchScopes: HKLM -> {6018DFCB-CDBB-4EA0-8AE7-96069FF696E7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {70A223B1-0C97-4DE4-B7D9-BBBA15BE4F40} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-16] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-03-21] (Wondershare)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-16] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default
FF Homepage: www.spiegel.de
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2014-07-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2014-07-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: LEO Wörterbücher - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\extensions\contextMenuExtension@leo.org.xpi [2016-06-15]
FF Extension: Best Proxy Switcher - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2016-06-15]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\extensions\admin@proxy-listen.de.xpi [2016-06-15]
FF Extension: Exif Viewer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2016-06-15]
FF Extension: Combo - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\Extensions\combo@yandex.ru.xpi [2016-02-09]
FF Extension: YouTube High Definition - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-06-26]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-15]
FF Extension: YouTube Video Download and Convert - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\Extensions\{e8deb9e5-5688-4655-838a-b7a121a9f16e}.xpi [2016-06-26]
FF Extension: YouTube Flash Video Player - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\wbkf721r.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-03-31] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-05-02]
FF HKU\S-1-5-21-3260024445-841682204-2698663456-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-05-27]

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-04]
CHR Extension: (Gmail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-08-05] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4108104 2016-03-10] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-06-23] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo)
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [29472 2012-07-10] (Macheen)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-06-02] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-05-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [278800 2010-08-18] (Data Perceptions / PowerProgrammer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [24576 2014-04-15] (BlackBerry) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-04] ()
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-06-02] ()
R3 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [198216 2016-03-10] (SurfRight B.V.)
R3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [75640 2016-03-10] (SurfRight B.V.)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw01.sys [11532704 2015-03-13] (Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-02] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39096 2015-12-02] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [192344 2015-06-03] (IDRIX)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]
S3 PCDSRVC{127174DC-C366ED8B-06020000}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-26 14:03 - 2016-06-26 14:03 - 00032103 _____ C:\Users\*****\Desktop\FRST.txt
2016-06-26 14:02 - 2016-06-26 14:02 - 02388992 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2016-06-26 14:01 - 2016-06-26 14:01 - 00000000 ____D C:\Users\*****\Desktop\Trojaner-Board B - 1
2016-06-26 13:47 - 2016-06-26 13:47 - 00000000 ____D C:\Users\Robert *****\Desktop\Alte Firefox-Daten
2016-06-26 09:33 - 2016-06-26 09:33 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-06-26 09:30 - 2016-06-26 09:30 - 00000186 _____ C:\Users\*****\Desktop\WIN32systweak..txt
2016-06-25 11:51 - 2016-06-26 14:03 - 00000000 ____D C:\FRST
2016-06-25 11:48 - 2016-06-25 11:48 - 22851472 _____ (Malwarebytes ) C:\Users\Robert *****\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-25 11:37 - 2016-06-25 11:38 - 11438608 _____ (SurfRight B.V.) C:\Users\Robert *****\Desktop\HitmanPro_x64.exe
2016-06-25 11:32 - 2016-06-25 11:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Robert *****\Desktop\revosetup95.exe
2016-06-25 11:27 - 2016-06-25 09:55 - 00001131 _____ C:\Users\Robert *****\Desktop\Malwarebytes Anti-Exploit.lnk
2016-06-25 11:18 - 2016-06-26 09:50 - 00000000 ____D C:\AdwCleaner
2016-06-25 11:18 - 2016-06-25 11:18 - 03703360 _____ C:\Users\*****\Desktop\AdwCleaner_5.200.exe
2016-06-25 11:10 - 2016-06-25 11:10 - 02870984 _____ (ESET) C:\Users\*****\Desktop\esetsmartinstaller_deu.exe
2016-06-25 09:54 - 2016-06-25 09:54 - 01858888 _____ (Malwarebytes ) C:\Users\Robert *****\Downloads\mbae-setup-1.08.1.2563.exe
2016-06-25 09:52 - 2016-06-25 09:53 - 02870984 _____ (ESET) C:\Users\Robert *****\Desktop\esetsmartinstaller_deu.exe
2016-06-25 06:04 - 2016-05-17 01:22 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-25 06:04 - 2016-05-17 01:19 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-25 06:04 - 2016-05-17 01:19 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-25 06:04 - 2016-05-17 01:19 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-25 06:04 - 2016-05-17 01:19 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-25 06:04 - 2016-05-17 01:18 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-06-25 06:04 - 2016-05-17 01:18 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-06-25 06:04 - 2016-05-17 01:17 - 01732888 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-25 06:04 - 2016-05-17 01:16 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-06-25 06:04 - 2016-05-17 01:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-06-25 06:04 - 2016-05-16 23:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-25 06:04 - 2016-05-16 23:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-25 06:04 - 2016-05-16 23:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-06-25 06:04 - 2016-05-16 23:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-25 06:04 - 2016-05-16 23:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-25 06:04 - 2016-05-16 23:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-06-25 06:04 - 2016-05-16 23:16 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-25 06:04 - 2016-05-16 23:15 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-25 06:04 - 2016-05-16 23:15 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-25 06:04 - 2016-05-16 23:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-25 06:04 - 2016-05-16 23:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-25 06:04 - 2016-05-16 23:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-25 06:04 - 2016-05-16 23:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-06-25 06:04 - 2016-05-16 23:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-25 06:04 - 2016-05-16 23:10 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-06-25 06:04 - 2016-05-16 23:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-06-25 06:04 - 2016-05-16 23:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-25 06:04 - 2016-05-16 23:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-06-25 06:04 - 2016-05-16 23:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-25 06:04 - 2016-05-16 23:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-06-25 06:04 - 2016-05-16 23:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-06-25 06:04 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-25 06:04 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-25 06:04 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-25 06:04 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-06-25 06:04 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-25 06:04 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-25 06:04 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-25 06:04 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-25 06:04 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-25 06:04 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-25 06:04 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-06-25 06:04 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-25 06:04 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-25 06:04 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-25 06:04 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-25 06:04 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-25 06:04 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-25 06:04 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-25 06:04 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-06-25 06:04 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-25 06:04 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-25 06:04 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-25 06:04 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-25 06:04 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-25 06:04 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-25 06:04 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-25 06:04 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-25 06:04 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-25 06:04 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-25 06:04 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-25 06:04 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-25 06:04 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-25 06:04 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-25 06:04 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-25 06:04 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-25 06:04 - 2016-05-04 19:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-25 06:04 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-25 06:04 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-25 06:04 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-25 06:03 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-25 06:03 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-25 06:03 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-25 06:03 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-25 06:03 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-25 06:03 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-25 06:03 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-25 06:03 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-25 06:03 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-25 06:03 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-25 06:03 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-25 06:03 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-25 06:03 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-25 06:03 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-25 06:03 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-25 06:03 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-25 06:03 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-25 06:03 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-25 06:03 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-25 06:03 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-25 06:03 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-25 06:03 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-25 06:03 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-25 06:03 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-25 06:03 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-25 06:03 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-25 06:03 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-25 06:03 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-25 06:03 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-25 06:03 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-25 06:03 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-25 06:03 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-25 06:03 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-25 06:03 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-25 06:03 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-25 06:03 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-25 06:03 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-25 06:03 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-25 06:03 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-25 06:03 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-25 06:03 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-25 06:03 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-25 06:03 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-25 06:03 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-25 06:03 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-25 06:03 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-25 06:03 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-25 06:03 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-25 06:03 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-25 06:03 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-25 06:03 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-25 06:03 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-25 06:03 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-25 06:03 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-25 06:03 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-25 06:03 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-25 06:03 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-25 06:03 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-25 06:03 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-25 06:03 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-25 06:03 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-25 06:03 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-25 06:03 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-25 06:03 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-25 06:03 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-25 06:03 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-25 06:03 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-25 06:03 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-25 06:03 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-25 06:03 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-25 06:03 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-25 06:03 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-25 06:03 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-25 06:03 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-25 06:03 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-25 06:03 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-25 06:03 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-25 06:03 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-25 06:03 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-25 06:03 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-25 06:03 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-25 06:03 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-25 06:03 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-25 06:03 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-25 06:03 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-25 06:03 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-25 06:03 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-25 06:03 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-06-25 06:03 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-06-25 06:03 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-06-25 06:03 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-06-25 06:03 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-06-25 06:03 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-06-25 06:03 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-06-25 06:03 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-06-25 06:03 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-06-25 06:03 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-06-25 06:03 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-06-25 06:03 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-06-25 06:02 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-25 06:02 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-24 22:15 - 2016-06-24 22:15 - 00000000 ____D C:\660d1cbeaeecc6f8c7559821c8d421
2016-06-24 21:45 - 2016-06-24 21:45 - 00000000 ____D C:\Users\Robert *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 19:19 - 2016-06-25 10:40 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-06-24 19:19 - 2016-06-25 09:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-06-24 19:19 - 2016-06-25 09:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-06-24 19:19 - 2016-06-24 19:19 - 00001131 _____ C:\Users\*****\Desktop\Malwarebytes Anti-Exploit.lnk
2016-06-24 18:50 - 2016-06-24 18:51 - 00000000 ____D C:\Users\*****\Desktop\Trojaner-Board Abschluss
2016-06-24 18:45 - 2016-06-25 09:58 - 00000889 _____ C:\DelFix.txt
2016-06-24 18:45 - 2016-06-24 18:45 - 00000000 ____D C:\Windows\ERUNT
2016-06-24 09:21 - 2016-06-25 11:50 - 00000000 ____D C:\Users\Robert *****\Desktop\Fehlermeldungen
2016-06-24 08:41 - 2016-06-24 08:41 - 00000000 ____D C:\Program Files (x86)\ESET
2016-06-24 08:38 - 2016-06-24 08:38 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-23 07:49 - 2016-06-23 07:49 - 00180736 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2016-06-23 07:49 - 2016-06-23 07:49 - 00088064 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2016-06-23 07:49 - 2016-06-23 07:49 - 00082240 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2016-06-23 07:49 - 2016-06-23 07:49 - 00058368 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2016-06-23 07:44 - 2016-06-23 07:44 - 00710144 _____ (Lenovo.) C:\Windows\system32\LPlatSvc.exe
2016-06-22 20:43 - 2016-06-22 20:43 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2016-06-22 20:43 - 2016-06-22 20:43 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-22 20:43 - 2016-03-15 23:28 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-06-22 20:43 - 2016-02-22 19:55 - 00000000 ____D C:\Users\DefaultAppPool\Downloads\SHAREit
2016-06-22 20:43 - 2016-02-22 19:55 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\SHAREit
2016-06-22 20:43 - 2016-01-23 08:05 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Sun
2016-06-22 20:43 - 2016-01-20 23:10 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2016-06-22 20:43 - 2016-01-20 23:10 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Adobe
2016-06-22 20:43 - 2015-08-21 22:38 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Tvsukernel
2016-06-22 20:43 - 2015-08-19 08:59 - 00002131 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-06-22 20:43 - 2015-01-22 09:13 - 00000122 _____ C:\Users\DefaultAppPool\AppData\Local\WiDiLog.20150122.081350.wdl
2016-06-22 20:43 - 2014-10-25 20:14 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Apple Computer
2016-06-22 20:43 - 2014-10-25 20:14 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Apple Computer
2016-06-22 20:43 - 2014-08-05 14:54 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2016-06-22 20:43 - 2009-07-14 09:44 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Windows\system32\BestPractices
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Program Files\MSBuild
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-22 14:16 - 2016-06-22 14:16 - 00000000 ____D C:\inetpub
2016-06-20 18:53 - 2016-06-20 18:53 - 03703360 _____ C:\Users\Robert *****\Desktop\adwcleaner_5.200.exe
2016-06-20 14:27 - 2016-06-20 14:28 - 00131072 ___HT C:\Users\Robert *****\Desktop\~20090522.pst.tmp
2016-06-15 19:56 - 2016-06-15 19:56 - 00000000 ____D C:\Users\*****\AppData\Local\CEF
2016-06-15 06:56 - 2016-06-15 06:56 - 00003272 _____ C:\Windows\System32\Tasks\{307AEC3E-4BD1-4CC0-ACE0-9862B1F9F787}
2016-06-15 06:37 - 2016-06-26 09:33 - 00001275 _____ C:\Users\*****\Desktop\Revo Uninstaller.lnk
2016-06-15 06:37 - 2016-06-26 09:33 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-06-13 20:03 - 2016-06-21 21:30 - 02387456 _____ (Farbar) C:\Users\Robert *****\Desktop\FRST64.exe
2016-06-09 07:30 - 2016-06-09 07:30 - 00612705 _____ C:\Users\Robert *****\Desktop\Corality_Excel_Shortcuts.pdf
2016-06-08 21:55 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-08 21:55 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-08 21:55 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-08 21:55 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-08 21:55 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-08 21:55 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-08 21:55 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-08 21:55 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-08 18:08 - 2016-06-22 09:57 - 00027676 _____ C:\Users\Robert *****\Desktop\Test Corality.xlsx
2016-06-08 08:32 - 2016-06-08 10:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-06 20:00 - 2016-06-06 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-06 19:59 - 2016-06-06 20:00 - 00000000 ____D C:\Program Files\iTunes
2016-06-06 19:59 - 2016-06-06 19:59 - 00000000 ____D C:\Program Files\iPod
2016-06-04 12:37 - 2016-06-04 12:37 - 00000000 ____D C:\Users\*****\Documents\ProcAlyzer Dumps
2016-06-04 12:06 - 2016-06-04 12:06 - 00000000 _____ C:\autoexec.bat
2016-06-04 12:05 - 2016-06-04 12:05 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-06-04 11:48 - 2016-06-04 11:48 - 00000017 _____ C:\Users\Robert *****\AppData\Local\resmon.resmoncfg
2016-06-04 11:15 - 2016-06-04 11:15 - 00000000 ____D C:\Users\Robert *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2016-06-03 22:55 - 2016-06-03 22:55 - 00000000 ____D C:\Users\*****\Documents\Wondershare Dr.Fone for iOS
2016-06-03 22:55 - 2016-06-03 22:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\HMYGSetting
2016-06-03 22:54 - 2016-06-03 22:54 - 00000000 ___HD C:\Program Files (x86)\Dr.Fone_Temp
2016-06-02 11:04 - 2016-06-04 10:49 - 00000000 ____D C:\Users\Robert *****\Desktop\Software Desktop
2016-06-02 08:54 - 2016-06-02 08:55 - 00000000 ____D C:\9e668ca4e4ed8aec4b68f8b95793dd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-26 14:03 - 2014-08-02 00:38 - 00000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2016-06-26 14:02 - 2016-02-15 08:13 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-06-26 14:02 - 2014-10-08 21:48 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien 2016-06-26 14:02 - 2014-08-05 15:55 - 00000000 ____D C:\Users\Robert *****\Documents\Outlook-Dateien 2016-06-26 14:00 - 2014-11-20 11:18 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2016-06-26 14:00 - 2014-08-04 19:24 - 00000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2016-06-26 13:59 - 2014-10-17 14:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-26 13:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-26 13:58 - 2015-06-22 10:47 - 00001256 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001UA.job 2016-06-26 13:58 - 2015-06-14 09:45 - 00000000 ____D C:\ProgramData\HitmanPro.Alert 2016-06-26 13:57 - 2014-08-11 20:07 - 00000000 ____D C:\Users\Robert *****\AppData\Roaming\Skype 2016-06-26 13:55 - 2014-08-02 00:38 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2016-06-26 13:19 - 2014-10-17 14:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-26 12:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing 2016-06-26 10:34 - 2009-07-14 06:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-26 10:34 - 2009-07-14 06:45 - 00030064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-26 10:31 - 2014-08-02 01:10 - 00788726 _____ C:\Windows\system32\perfh007.dat 2016-06-26 10:31 - 2014-08-02 01:10 - 00182796 _____ C:\Windows\system32\perfc007.dat 2016-06-26 10:31 - 2009-07-14 07:13 - 01847784 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-26 10:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-06-26 10:26 - 
2014-08-05 10:20 - 00000000 ___RD C:\Users\Robert *****\Dropbox 2016-06-26 08:23 - 2014-08-05 10:12 - 00000000 ____D C:\Users\Robert *****\AppData\Local\MobileAccess 2016-06-26 06:58 - 2015-06-22 10:47 - 00001204 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001Core.job 2016-06-25 15:25 - 2015-07-21 10:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-25 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-06-25 13:34 - 2016-02-18 19:53 - 00000000 ____D C:\Users\Robert *****\AppData\Roaming\vlc 2016-06-25 09:47 - 2016-01-31 17:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-06-25 09:47 - 2016-01-31 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-06-25 09:47 - 2009-07-14 06:45 - 00516192 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-25 09:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2016-06-25 09:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv 2016-06-25 06:15 - 2014-08-01 17:42 - 00000000 ____D C:\Windows\system32\MRT 2016-06-25 06:08 - 2016-01-31 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-06-25 06:08 - 2014-08-01 17:42 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-06-24 21:45 - 2014-08-05 10:16 - 00000000 ____D C:\Users\Robert *****\AppData\Roaming\Dropbox 2016-06-24 20:06 - 2014-08-01 17:19 - 00000000 ____D C:\Users\*****\AppData\Local\MobileAccess 2016-06-24 19:15 - 2015-12-06 14:50 - 00000000 ____D C:\Program Files (x86)\Java 2016-06-24 07:58 - 2014-08-01 16:10 - 00148136 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT 2016-06-23 20:36 - 2016-04-30 12:59 - 00015189 _____ C:\Users\Robert *****\Desktop\EIC Einnahmen Überschuss Rechnung 20160430.xlsx 2016-06-23 17:21 - 2015-09-03 23:16 - 00000509 _____ C:\Users\Robert *****\AppData\Roaming\com.iliumsoft.ewallet.plist 2016-06-22 18:56 - 2014-08-02 
00:33 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2016-06-22 18:56 - 2014-08-02 00:32 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo 2016-06-22 18:56 - 2014-08-02 00:32 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-06-22 18:56 - 2014-08-01 16:59 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2016-06-22 18:55 - 2014-08-02 00:35 - 00000000 ____D C:\ProgramData\Lenovo 2016-06-22 17:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-06-22 14:50 - 2014-08-01 16:07 - 00000000 ____D C:\Users\***** 2016-06-22 14:31 - 2015-10-29 14:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-06-22 14:16 - 2014-08-01 16:51 - 01667814 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-06-22 13:40 - 2014-08-05 10:12 - 00148136 _____ C:\Users\Robert *****\AppData\Local\GDIPFONTCACHEV1.DAT 2016-06-22 13:30 - 2014-08-05 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-06-22 13:29 - 2009-07-14 09:45 - 00000000 ____D C:\Windows\ShellNew 2016-06-22 13:28 - 2009-07-14 04:34 - 00000513 _____ C:\Windows\win.ini 2016-06-22 11:40 - 2016-02-28 19:26 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2016-06-21 21:25 - 2014-09-04 15:07 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-06-16 16:21 - 2014-08-06 13:21 - 00000000 ____D C:\Users\Robert *****\Documents\Eigene Scans 2016-06-15 19:56 - 2014-08-22 20:33 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe 2016-06-15 10:13 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-06-15 09:53 - 2015-04-28 21:52 - 00007638 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2016-06-15 07:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources 2016-06-15 06:51 - 2015-10-29 14:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\TeamViewer 2016-06-08 21:55 - 2014-12-11 13:46 - 00000000 ____D C:\Windows\system32\appraiser 2016-06-08 10:00 - 2015-03-02 18:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-06 19:59 - 2016-05-19 08:45 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-06-06 19:59 - 2014-08-14 14:32 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-04 11:51 - 2016-01-16 23:31 - 00000000 ____D C:\Program Files\CyberGhost 5 2016-06-04 11:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2016-06-03 23:06 - 2016-05-02 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2016-06-03 23:06 - 2016-05-02 11:55 - 00000000 ____D C:\Program Files (x86)\Wondershare 2016-06-03 22:54 - 2016-05-02 11:55 - 00000000 ____D C:\ProgramData\Wondershare 2016-06-03 22:54 - 2016-05-02 11:53 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2016-06-02 10:14 - 2015-11-17 09:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-29 19:59 - 2014-08-13 16:46 - 00000047 _____ C:\Users\Robert 2016-05-27 08:16 - 2014-08-11 20:07 - 00000000 ____D C:\ProgramData\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-02-28 19:21 - 2016-02-28 19:22 - 50063360 _____ () C:\Program Files (x86)\GUTD5E5.tmp 2015-11-27 10:49 
- 2015-11-27 11:06 - 0000430 _____ () C:\Users\*****\AppData\Roaming\com.iliumsoft.ewallet.plist
2014-08-04 15:44 - 2015-07-12 11:37 - 0004042 _____ () C:\Users\*****\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-07-11 11:59 - 2015-07-18 09:29 - 0003584 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-28 21:52 - 2016-06-15 09:53 - 0007638 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2015-07-10 14:03 - 2015-07-10 14:03 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-08-06 12:03 - 2016-03-31 13:01 - 0063811 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Robert *****\AppData\Local\Temp\vlc-2.2.4-win64.exe
C:\Users\Robert *****\AppData\Local\Temp\{F0133237-C3AC-4773-A550-55895923BCD8}-DropboxClient_5.4.24.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-06-17 15:44
==================== Ende von FRST.txt ============================ |
26.06.2016, 13:19 | #6 |
| WIN32/Systweak.l Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-06-2016 01
durchgeführt von ***** (2016-06-26 14:03:36)
Gestartet von C:\Users\*****\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-08-01 14:07:24)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-3260024445-841682204-2698663456-500 - Administrator - Disabled)
***** (S-1-5-21-3260024445-841682204-2698663456-1000 - Administrator - Enabled) => C:\Users\*****
Gast (S-1-5-21-3260024445-841682204-2698663456-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3260024445-841682204-2698663456-1003 - Limited - Enabled)
Robert ***** (S-1-5-21-3260024445-841682204-2698663456-1001 - Limited - Enabled) => C:\Users\Robert *****
tvsu_tmp_godmtMFODY (S-1-5-21-3260024445-841682204-2698663456-1140 - Administrator - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - ) Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: - ArcSoft) Attribute Changer 7.11 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 7.11 - Romain Petges) Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.823 - Corel Inc.) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Evernote Sticky Notes (HKLM-x32\...\{4FC3ACD7-105C-42E2-9A48-4FFF58C76D19}) (Version: 1.5.9 - Evernote Sticky Notes) Evernote v. 6.1.2 (HKLM-x32\...\{A46ABD1E-2837-11E6-9E7C-005056951CAD}) (Version: 6.1.2.2292 - Evernote Corp.) 
eWallet 8.2.1 for Windows PC (desktop) (HKLM-x32\...\Ilium Software eWallet_is1) (Version: 8.2.1 - Ilium Software) Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Folder Colorizer version 1.4.2 (HKLM\...\{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1) (Version: 1.4.2 - Softorino) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 3.0.57.207 - SurfRight B.V.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden hppLaserJetService (x32 Version: 009.033.00906 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden I.R.I.S. 
OCR (HKLM-x32\...\{D39DD5B4-3FF8-490F-B8E8-451C8948D427}) (Version: 12.3.6.6 - HP) inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH) Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Identity Protection Technology 1.2.32.0 (HKLM-x32\...\{2D793E41-F598-1014-9984-F3B169A93F79}) (Version: 1.2.32.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1211 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) 
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - ) Lenovo Mobile Access (HKLM-x32\...\{3F0501BE-3203-4001-8125-BAA857C92F51}) (Version: 3.1.0.1268 - Lenovo) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0029 - Lenovo) Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5632.21 - PC-Doctor, Inc.) 
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo) LibreCAD (HKLM-x32\...\LibreCAD) (Version: 2.0.9 - LibreCAD Team) Malwarebytes Anti-Exploit version 1.8.1.2563 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2563 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 
8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) 
(HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MindMapper 2008 (HKLM-x32\...\{232E984E-F02D-4DAE-80F4-97884EC52F16}) (Version: 6.00.1832 - SimTech) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB) Mozilla Firefox 47.0 (x64 de) (HKLM\...\Mozilla Firefox 47.0 (x64 de)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 
13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) RapidBoot (x32 Version: 1.00 - Lenovo) Hidden Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden SecureSafe 2.1.14 (HKLM-x32\...\{F2E103B2-75D2-463F-BAF3-86EF3519C825}) (Version: 2.1.14 - DSwiss AG) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Web Plugin (HKLM-x32\...\{D675FB66-8B6B-4950-A38E-D5BB32AF283D}) (Version: 7.15.0.49 - Skype Technologies S.A.) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) 
SmartDeblur (HKLM-x32\...\SmartDeblur_is1) (Version: 2.2 - ) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Studie zur Verbesserung von HP OfficeJet 7510 series (HKLM\...\{35EF2AF3-3BBE-41F9-B93F-FC230A207AF3}) (Version: 35.0.72.55351 - Hewlett-Packard Co.) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.26.81 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0f-2 - IDRIX) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel) Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel) Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel) Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel) Windows Driver Package - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo) Windows Driver Package - Synaptics (SynTP) Mouse (01/19/2011 15.2.9.1) (HKLM\...\56985FF2BB205B671BCE0645CA198C9EC5176EBA) (Version: 01/19/2011 15.2.9.1 - Synaptics) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) WinZip 15.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}) (Version: 15.5.9579 - WinZip Computing, S.L. 
) Wondershare Video Converter Ultimate(Build 8.6.0.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.6.0.0 - Wondershare Software) XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e) Zwangs-Update-Killer (HKLM-x32\...\{8E446BC1-620B-47AE-A0B1-ED592A4A758C}_is1) (Version: 1.0.0.0 - pXc-coding.com) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3260024445-841682204-2698663456-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Robert *****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0C233393-90D6-4810-9530-34D9D9934FEA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-08-11] (PC-Doctor, Inc.) Task: {19D8DAF7-DBDB-44C4-8139-2222F1AC1C02} - System32\Tasks\SafeZone scheduled Autoupdate 1458718045 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {1B2FD011-7D1F-4DB8-B869-993ADC1A9CFE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) 
Task: {1E407D2A-81A1-44B9-8E71-400F139730F8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {264438A3-A859-4A2D-9666-0A6BA6CFCEB1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {3A9BE327-D866-40E4-940A-605E42BA09DF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software) Task: {3D077A56-89C6-484A-8D50-27369E53C512} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {3EBAA335-8176-4F8C-B5C3-98FB67F81FA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {3F77CDA0-6ED1-42CB-8246-B13546538C9A} - System32\Tasks\IPVanish => C:\Program Files (x86)\IPVanish\ElevateClient.exe Task: {4E508C83-FE88-43B4-8B9B-216C582937D8} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-08-11] (PC-Doctor, Inc.) Task: {53558C46-9A22-40C2-B385-E00A9562FE4F} - System32\Tasks\HPCustParticipation HP OfficeJet 7510 series => C:\Program Files\HP\HP OfficeJet 7510 series\Bin\HPCustPartic.exe [2015-05-12] (Hewlett-Packard Development Company, LP) Task: {5AFE90B0-232D-4109-8C2D-87E8B9FA7FF5} - System32\Tasks\Toolbox.exe_{D63D1549-E7F9-41E1-812C-45DEF29EA4C0} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\Toolbox.exe [2012-10-17] (Hewlett-Packard Co.) Task: {5FFE8EB7-AE0A-4341-A5E2-7C68472A7827} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001UA => C:\Users\Robert *****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) 
Task: {6E90923A-94F4-412F-BAF5-A4714336B701} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {8E4E46C4-C2E2-4501-B9DC-79F036DCB4B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {8F3BA474-C06B-4787-85E4-7811DD9C17CE} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {906353F2-6078-46D3-9087-69642395FC8B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {966AE816-5A41-4CBA-BB8A-06905FAB2C59} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2012-03-05] (Lenovo Group Limited) Task: {985D5CFD-FEF0-4FEA-BAE0-C8041B6F675C} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2014-09-13] (Lenovo) Task: {9E64DA44-66BF-4499-8E5F-B46AF427299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A95C8A43-2E9C-4603-95C6-8994B28367C1} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {AD930B0B-195D-4F07-9A5A-9F813F6E3FDE} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited) Task: {B579E999-8833-4C9B-9D3E-7F0AE324FDD6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) 
Task: {B606EEC6-8848-4628-94A4-7A468D11B4BD} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {BAE26F04-F6B8-46AC-990E-492ABEAABC80} - System32\Tasks\ScanToPCActivationApp.exe_{E7D694F9-CAA5-4370-86D5-4010818DE2D5} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.) Task: {BB7D439C-EEB1-40D6-94D2-32C399565C8F} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation) Task: {C003AB03-4ADF-477A-B890-67E7CF014501} - System32\Tasks\hpUtility.exe_{A9B61BC9-B5FD-4CC2-89EC-1321A00E5FF2} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.) Task: {C20E4154-36E8-4B33-9B1D-0893DEDA2040} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software) Task: {D913538E-EA17-4291-8FBC-CBA50B4E9C03} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-05-25] () Task: {DB29BA0E-5DEB-425D-911F-86FDAEEB3DC0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {DD34831F-9B28-4AF0-B676-82DE02499169} - System32\Tasks\{307AEC3E-4BD1-4CC0-ACE0-9862B1F9F787} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {E02572BA-1C9A-477B-8A13-C5FAC44047D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {E4A78127-F751-4FF4-AB6B-571DBF95DF7D} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] 
(Lenovo) Task: {E77B672F-2903-4145-A996-55ADE928A447} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001Core => C:\Users\Robert *****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {E9A01095-9B7D-4067-9806-9AE75FB31F7E} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-08-11] () Task: {F3EA340B-087E-46A8-9D53-0E7C7C063C38} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {FBF0915A-195E-42F2-81C5-CB82427C945C} - System32\Tasks\HP AR Program Upload - b193352d1995469c85bd48adbe5f384723b39599a1fa4b2c90bd2dc35c0817d3 => C:\Program Files\HP\HP OfficeJet 7510 series\bin\HPRewards.exe Task: {FC114D39-4FA2-4A20-97A4-494AB77B5E98} - System32\Tasks\HP Deskjet 3520 series.exe_{C15FEB99-81B8-4757-9CF9-AEC26C6A0346} => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HP Deskjet 3520 series.exe [2012-10-17] (Hewlett-Packard Co.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001Core.job => C:\Users\Robert *****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3260024445-841682204-2698663456-1001UA.job => C:\Users\Robert *****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-02 00:36 - 2016-04-14 06:08 - 00119808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-19 00:50 - 2010-12-19 00:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-05-02 12:35 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-11-17 12:15 - 2015-02-27 15:38 - 00721263 _____ () C:\Windows\SysWOW64\ISCM64.dll
2014-08-02 00:34 - 2010-10-26 10:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-08-02 00:35 - 2016-03-02 01:52 - 00102904 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-06-10 17:22 -
2016-06-10 17:22 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2010-12-19 00:50 - 2010-12-19 00:50 - 00171296 _____ () C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe 2016-05-04 18:35 - 2016-05-04 18:35 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-04 18:35 - 2016-05-04 18:35 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-26 10:25 - 2016-06-26 10:25 - 02948608 _____ () C:\Program Files\AVAST Software\Avast\defs\16062600\algo.dll 2016-05-04 18:35 - 2016-05-04 18:35 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-05-04 18:35 - 2016-05-04 18:35 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-02-19 21:19 - 2016-02-19 21:19 - 00065704 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll 2014-08-02 00:34 - 2011-05-26 17:17 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2014-08-01 17:12 - 2011-06-29 18:09 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll 2014-08-01 17:12 - 2011-06-29 18:09 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll 2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2015-11-17 12:16 - 2014-10-31 17:40 - 01498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll 2015-11-17 12:16 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll 2016-02-28 19:21 - 2016-02-28 19:21 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-04-26 14:55 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-04-26 14:55 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-04-26 14:55 - 2014-05-13 12:04 - 00167768 _____ () C:\Program 
Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-04-26 14:55 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-04-26 14:55 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Robert *****\Desktop\006 Payment Procedures Caclulation v. 1531 20150225.xlsx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Robert *****\Desktop\***** Press Pic.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\Robert *****\Desktop\Robert bei Barbara.JPG:com.dropbox.attributes [424]
AlternateDataStreams: C:\Users\Robert *****\Desktop\~WRL0005.tmp:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-01-16 23:56 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3260024445-841682204-2698663456-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{10D838C3-6E32-4587-B560-3C34F45CE5A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{039E0909-A545-41DF-B729-F3BE9B09C93C}] => (Allow) LPort=2869
FirewallRules: [{6775BB3B-61D9-4530-85E8-256C8A953FB0}] => (Allow) LPort=1900
FirewallRules: [{7933D93E-598F-4D89-A73D-1995803CE254}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{67F6C482-2E2E-4C3E-85F7-50D92B17C1B5}] => (Allow) LPort=4481
FirewallRules: [{FD8E9DBD-18BD-4872-BE05-907C564A1DBE}] => (Allow) LPort=4481
FirewallRules: [{1EB1BDD6-6D13-4A0A-952D-FDA387EE8400}] => (Allow) LPort=4482
FirewallRules: [{32194CC6-1E11-4469-BD5F-5EFAB5DC2D8D}] => (Allow) LPort=4482
FirewallRules: [{B2D756A7-774D-4E40-90E0-8C537E574E8A}] => (Allow) C:\Users\Robert *****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{28584A7F-811B-41BB-8840-55ED4289FAD5}] => (Allow) C:\Users\Robert *****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{332ED54A-37CF-4BB9-9C7A-976A453932FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{39B9B351-AFD5-4B09-BF57-19F09BC42D4A}] => (Allow)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{AE54283B-21C0-4A63-90AE-63F78CBE34E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{0AEF52B2-E6F0-4627-B8E1-CAB638FAD33B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{757969D6-C36C-4E1F-8049-0E41F9360C77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{0F226EFD-15BC-4A2A-86C4-BA13970BE0FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{E2E8BB93-96D9-4100-83BA-BB492A602DC3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{3F84297E-B1EA-44BD-9120-EDFCA7B5EFF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{F2270613-11D0-4098-BF7A-D75FB53A0F0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{48EFAFB8-2FA1-403D-96A1-BF041BFEA3B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{A05DBADA-8718-486B-BF09-ACE68272CCF2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{8BFDC03C-7932-4395-9403-DEDDD0171A3E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{01873D4B-EC04-4B5C-9E30-CA77D6E194AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{EA751928-9402-45A9-8190-D6FE8F66D912}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{EF6C19CD-4323-459D-9CC2-93F5A89112AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{323A3EE4-4D50-42AF-88B5-10315FC1B472}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{6C0C9071-25E0-460C-9C43-33D62FAFBE84}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: 
[{D4CA4082-A47D-412E-8951-EC91A5FC5D1F}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [TCP Query User{F31F65B8-4704-44F7-BC20-D18372732BAE}C:\users\robert *****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\robert *****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{C5757DCF-F6CE-4D37-A54E-482C9F91BF6E}C:\users\robert *****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\robert *****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{0EF1193F-8C58-453E-AF51-E6452D92344E}C:\users\robert *****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robert *****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1C9183A6-53DC-4F91-AFA5-3691695D0E25}C:\users\robert *****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\robert *****\appdata\roaming\spotify\spotify.exe FirewallRules: [{C69682AA-A255-4D76-BF36-BA9FE9947154}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{1AF91880-03B6-40C9-B736-D12AA753885E}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe FirewallRules: [UDP Query User{73BA7C9D-65C6-45D3-AAB9-AEC20E8D0C19}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe FirewallRules: [{7843A405-D987-4F57-A92F-13BFAF1F1259}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{1ADCF21A-596C-4DB2-8686-E0D48DC5BC3D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6EB5A4F5-D40E-4300-B32A-35B2F03BDEA6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{1904A345-9D73-4504-828A-CAF19403BBAC}] => (Allow) C:\Program Files (x86)\MSI\ArcSoft TotalMedia\TotalMedia.exe FirewallRules: [{11CA62D7-ABC5-4D42-9FF5-020C31A1C2BE}] => (Allow) C:\Program Files (x86)\MSI\ArcSoft TotalMedia\TotalMedia.exe FirewallRules: 
[{489773F1-0042-46F4-BE75-37C211AA1615}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}\setup\hpznui40.exe FirewallRules: [{74ED5923-B011-49F6-BB52-EC109CFD8E1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E436047A-BD55-4EBE-B1A5-20C9334206E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6F3F911F-F6A6-4899-929E-6DF1DF318E41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4C63BF9C-5BAA-4A95-83EB-E0BBCB6C00FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{274A3984-54C3-4FBA-891A-DC2B5C23096D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{48D3AB47-E932-49CC-BA28-90A6ADE7DDF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E23F64B5-862C-479F-82D5-E1309883802D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6FEFDA4D-2C0B-4B07-BBA6-A9606CB5DDD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8F256132-1916-4CD3-9F54-3A0810A7B3F8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D8380204-FB9A-4AE2-B921-F6D53D5F9A2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{280123D6-168B-4ED1-A8AD-DDA030951712}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{36E3E354-641C-4B6E-80F2-A1145BD617AB}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{A840DA9A-E5CC-4EB7-A0A7-3E73083DDCEC}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe FirewallRules: [{26FDF9E5-9B35-4C31-B1C3-189DECFBCB4E}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{EF5B3DB7-DC5E-42C0-A600-6FC79DD52EDE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: 
[{C5692C29-76CC-4792-BB3E-18EFB72C62AA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{39D46F72-6889-4955-BCA7-31ACB30EADE8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{BB3F7A93-DC83-44DC-972F-531C73BE57D0}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

25-06-2016 09:57:53 Ende der Bereinigung

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #3
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6700
Description: Officejet 6700
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6700
Description: Officejet 6700
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6700
Description: Officejet 6700
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/26/2016 10:27:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:26:57 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (06/26/2016 10:26:57 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:47 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:47 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:35 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 10:19:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/26/2016 09:45:27 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (06/26/2016 02:00:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom epp Error: (06/26/2016 02:00:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/26/2016 01:59:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/26/2016 01:59:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht. 
Error: (06/26/2016 01:58:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Lenovo Platform Service erreicht. Error: (06/26/2016 01:58:05 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (06/26/2016 10:27:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (06/26/2016 10:27:32 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\*****\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (06/26/2016 10:27:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (06/26/2016 10:27:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\*****\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2016-05-04 14:50:46.962 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-07-28 06:49:14.045 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:14.039 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:14.034 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:14.028 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. 
Date: 2015-07-28 06:49:14.013 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:14.008 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:14.003 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 06:49:13.998 Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. 
Date: 2015-07-28 06:49:13.985
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 5090.55 MB
Summe virtueller Speicher: 16148.65 MB
Verfügbarer virtueller Speicher: 12939.34 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:530.39 GB) (Free:113.6 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:27.34 GB) (Free:18.73 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 558.9 GB) (Disk ID: 9331106A)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=530.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=27.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
27.06.2016, 05:53 | #7 |
/// TB Trainer | WIN32/Systweak.l |
27.06.2016, 11:49 | #8 |
| WIN32/Systweak.l Sorry :-) Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=init
# utc_time=2016-06-26 08:20:05
# local_time=2016-06-26 10:20:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29917
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=updated
# utc_time=2016-06-26 08:22:47
# local_time=2016-06-26 10:22:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# engine=29917
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-26 08:22:47
# local_time=2016-06-26 10:22:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 83 97 1185592 10252891 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36698934 218559217 0 0
# scanned=56
# found=0
# cleaned=0
# scan_time=0
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=init
# utc_time=2016-06-26 08:27:16
# local_time=2016-06-26 10:27:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29917
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=updated
# utc_time=2016-06-26 08:27:41
# local_time=2016-06-26 10:27:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# engine=29917
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-26 10:13:53
# local_time=2016-06-26 12:13:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 83 97 1192258 10259557 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36705600 218565883 0 0
# scanned=358884
# found=1
# cleaned=0
# scan_time=6372
sh=E3908B4E41FA8FD51E87FC36E50767B2CED470F7 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\749a8e.msi"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=init
# utc_time=2016-06-27 08:26:42
# local_time=2016-06-27 10:26:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29927
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# end=updated
# utc_time=2016-06-27 08:28:23
# local_time=2016-06-27 10:28:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ec82beef5c474243946b34a8f2b34eb6
# engine=29927
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-27 10:22:47
# local_time=2016-06-27 12:22:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 83 97 1279192 10346491 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36792534 218652817 0 0
# scanned=362461
# found=1
# cleaned=0
# scan_time=6863
sh=E3908B4E41FA8FD51E87FC36E50767B2CED470F7 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\749a8e.msi" |
27.06.2016, 13:21 | #9 | |
/// TB Trainer | WIN32/Systweak.l Hi, I see you have already run AdwCleaner. Please post its log file, which can be found under C:\AdwCleaner\ Why didn't you mention that right away? Please have the file from the code box checked at VirusTotal.
|
27.06.2016, 14:07 | #10 |
| WIN32/Systweak.l Thank you, Matthias Code:
# AdwCleaner v5.200 - Bericht erstellt am 27/06/2016 um 14:48:03
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-26.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ***** - *****-THINK
# Gestartet von : C:\Users\*****\Desktop\AdwCleaner_5.200.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [854 Bytes] - [25/06/2016 11:20:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [927 Bytes] - [25/06/2016 14:29:27]
C:\AdwCleaner\AdwCleaner[S3].txt - [997 Bytes] - [25/06/2016 23:01:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [1067 Bytes] - [26/06/2016 09:50:15]
C:\AdwCleaner\AdwCleaner[S5].txt - [993 Bytes] - [27/06/2016 14:48:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1065 Bytes] ##########

I'll do this again logged in as USER, since the file cannot be found as ADMIN. I do run the scans as ADMIN, though. Thank you for your patience. Best regards, Robert |
27.06.2016, 16:42 | #11 | |
/// TB Trainer | WIN32/Systweak.l Quote:
|
27.06.2016, 16:46 | #12 |
| WIN32/Systweak.l Hello Matthias, at first I couldn't find the file in question, until I remembered that it is in a system folder and that I first have to make the system folder accessible. Apparently this file belongs to WINZIP 15.x. Thank you. Best regards. Adwcleaner: Code:
# AdwCleaner v5.200 - Bericht erstellt am 27/06/2016 um 15:18:13
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-26.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ***** - *****-THINK
# Gestartet von : C:\Users\Robert *****\Desktop\adwcleaner_5.200.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************

\AdwCleaner\AdwCleaner[S1].txt - [854 Bytes] - [25/06/2016 11:20:20]
\AdwCleaner\AdwCleaner[S2].txt - [927 Bytes] - [25/06/2016 14:29:27]
\AdwCleaner\AdwCleaner[S3].txt - [997 Bytes] - [25/06/2016 23:01:27]
\AdwCleaner\AdwCleaner[S4].txt - [1067 Bytes] - [26/06/2016 09:50:15]
\AdwCleaner\AdwCleaner[S5].txt - [1144 Bytes] - [27/06/2016 14:48:03]
\AdwCleaner\AdwCleaner[S6].txt - [1063 Bytes] - [27/06/2016 15:18:13]

########## EOF - \AdwCleaner\AdwCleaner[S6].txt - [1134 Bytes] ##########

Code:
https://www.virustotal.com/de/file/8581a8535cca990d9c4e9a3324adc1dcbeb1f784c1f2b5502932780d67fd8ba5/analysis/1467041729/ |
27.06.2016, 16:47 | #13 | ||||||||||
/// TB Trainer | WIN32/Systweak.l If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we need to take a few concluding steps to tidy up and secure your PC.

Cleanup: All logs posted? Then please download DelFix.

DelFix removes, among other things, all the programs used, our scanners' quarantine and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left after that, you can delete them without hesitation.

Securing: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Security holes in their old versions are exploited to install malware by "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database: Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained via Windows Update as an optional update. A legal/activated Windows is of course a prerequisite for this. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional: Adblock Plus: can block banners, pop-ups, video ads, tracking and malware sites. NoScript: prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. You can, however, specify on a whitelist basis which sites scripts should be allowed on. Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.

Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner.

Finally, a few general remarks:

If you like, you can say here whether you were satisfied with me and my help ... and/or support the forum with a small donation. Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
27.06.2016, 17:05 | #14 |
| WIN32/Systweak.l Hello Matthias, thank you very much. All done. Great job. All the best |
27.06.2016, 17:06 | #15 |
/// TB Trainer | WIN32/Systweak.l I'm glad we were able to help. In this forum you can leave brief feedback on the cleanup, if you like: Praise, Criticism and Wishes. To do so, click the "NEUES THEMA" (new topic) button and post a short piece of feedback. Thank you! This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM. Everyone else, please click here and create your own thread. |