Pests of all kinds and how to combat them: Removing IStartPageeing..... Windows 7 If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection.
23.03.2017, 17:23 | #1 |
Removing IStartPageeing.....

So, this is about the laptop of an acquaintance who comes to me 1-2 times a year with his infested PC. Removed countless Trojans, PUPs and whatnot. But what has still been there from the beginning is this browser hijacker IStartPageeing. I googled, of course, but nothing really helped.

What I have done so far:
Malwarebytes/Rootkit
TDSSKiller
Adaware
Emsisoft
ESET

Changed the start page in the Chrome settings and deleted istartpageeing from the search settings. Removed the "istartpageeing" entry from the Chrome browser shortcut on the desktop. I have not uninstalled anything under Software. Maybe it is hiding under an innocent-looking name. There are a bunch of children's games on there......

Posting a FRST LOGFILE as well

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 durchgeführt von Edith Adole (Administrator) auf EDITH (23-03-2017 17:12:37) Gestartet von C:\Users\Edith Adole\Downloads Geladene Profile: Edith Adole (Verfügbare Profile: Edith Adole) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) 
C:\Windows\SysWOW64\SASrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Lenovo) C:\Windows\System32\LenovoUpdate.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2809072 2014-10-21] (Synaptics Incorporated) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-12-16] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [EPSON53AF49 (Epson Stylus Office BX620FWD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom) HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\RunOnce: [Application Restart #3] => C:\Users\Edith Adole\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web- (Der Dateneintrag hat 595 mehr Zeichen). 
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\MountPoints2: {ac346e34-5f6a-11e5-8278-d07e35f1b26e} - "F:\LG_PC_Programs.exe" HKU\S-1-5-18\...\Run: [EPSON53AF49 (Epson Stylus Office BX620FWD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:54706;https=127.0.0.1:54706 Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{375D9BE3-DCEE-4D59-9B34-7D4D0E128E9E}: [DhcpNameServer] 150.206.1.3 Tcpip\..\Interfaces\{7682B663-06A9-4D1B-937D-2897DF760201}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131150628766507258&GUID=0B50AE7A-2ED7-4FF5-87AC-008FF206976D URLSearchHook: HKU\S-1-5-21-4183854035-1477589906-2272233396-1001 - (Kein Name) - {0740f3dd-e1f0-4ec6-8855-04f999d071fa} - C:\Program Files (x86)\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll Keine Datei SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4183854035-1477589906-2272233396-1001 -> {A173D964-1480-40EA-8AE1-216F92CA013A} URL = BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-21] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-21] (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Edith Adole\AppData\Roaming\TomTom\HOME\Profiles\4vs5y4zp.default [2016-05-26] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-05-26] [ist nicht signiert] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-21] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.) 
FF Plugin HKU\S-1-5-21-4183854035-1477589906-2272233396-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Edith Adole\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.de/ CHR StartupUrls: Default -> "hxxp://www.istartpageing.com/?type=hp&ts=1449758639&z=702fb6b54e58e460a9355ccg7z4zbt8m1w4b9qfz7m&from=cvs&uid=ST1000LM024XHN-M101MBB_S30YJ9AG176371" CHR Profile: C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default [2017-03-23] CHR Extension: (Google Präsentationen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-20] CHR Extension: (Google Docs) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-20] CHR Extension: (Google Drive) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22] CHR Extension: (Google-Suche) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Google Tabellen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-20] CHR Extension: (Google Docs Offline) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19] CHR Extension: (WEB.DE MailCheck) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo 
[2017-01-28] CHR Extension: (Skype) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Google Mail) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-20] CHR Extension: (Chrome Media Router) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-18] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] () R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-12-06] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R3 LenovoUpdate; C:\WINDOWS\System32\LenovoUpdate.exe [26608 2017-03-22] (Lenovo) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-10-21] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [19456 2014-04-14] (LG Electronics Inc.) S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation) S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-22] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-22] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-22] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-23] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation) S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.) 
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-10-21] (Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ACPIVPC; \SystemRoot\System32\drivers\AcpiVpc.sys [X] S3 aswHdsKe; \??\C:\WINDOWS\system32\drivers\aswHdsKe.sys [X] S3 KMDFVirtualKbd; \SystemRoot\System32\drivers\KMDFVirtualKbd.sys [X] S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-23 17:12 - 2017-03-23 17:13 - 00018949 _____ C:\Users\Edith Adole\Downloads\FRST.txt 2017-03-23 17:12 - 2017-03-23 17:12 - 02424832 _____ (Farbar) C:\Users\Edith Adole\Downloads\FRST64.exe 2017-03-23 17:12 - 2017-03-23 17:12 - 00000000 ____D C:\FRST 2017-03-23 14:17 - 2017-03-23 14:17 - 02870984 _____ (ESET) C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe 2017-03-23 14:17 - 2017-03-23 14:17 - 00000000 ____D C:\Program Files (x86)\ESET 2017-03-22 21:09 - 2017-03-23 16:43 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-03-22 21:09 - 2017-03-22 21:26 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-03-22 21:09 - 2017-03-22 21:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-03-22 21:08 - 2017-03-22 21:26 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-22 21:08 - 2017-03-22 21:08 - 00001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-22 21:08 - 2017-03-22 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-22 21:08 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-03-22 20:28 - 2017-03-22 20:29 - 00234360 _____ C:\TDSSKiller.3.1.0.12_22.03.2017_20.28.56_log.txt 2017-03-22 20:07 - 2017-03-22 20:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Edith Adole\Downloads\HijackThis.exe 2017-03-22 20:06 - 2017-03-22 21:07 - 00000000 ____D C:\ProgramData\Emsisoft 2017-03-22 19:36 - 2017-03-22 20:11 - 00000000 ____D C:\AdwCleaner 2017-03-22 19:34 - 2017-03-22 19:34 - 04031440 _____ C:\Users\Edith Adole\Downloads\AdwCleaner_6.044.exe 2017-03-22 19:32 - 2017-03-22 19:35 - 242325016 _____ (Emsisoft Ltd. 
) C:\Users\Edith Adole\Downloads\EmsisoftAntiMalwareSetup.exe 2017-03-22 19:32 - 2017-03-22 19:32 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-22 19:32 - 2017-03-22 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-22 19:12 - 2017-03-22 19:12 - 00000000 ____D C:\Users\Edith Adole\Desktop\mbar 2017-03-22 19:10 - 2017-03-22 19:10 - 00000000 ____D C:\Program Files\Malwarebytes 2017-03-22 19:07 - 2017-03-22 19:08 - 57131432 _____ (Malwarebytes ) C:\Users\Edith Adole\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-04 12:35 - 2017-03-10 14:09 - 00000912 _____ C:\Users\Edith Adole\Desktop\nativelog.txt 2017-03-04 12:34 - 2017-03-10 14:14 - 00000000 ____D C:\Program Files (x86)\Minecraft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-23 14:14 - 2016-07-09 17:00 - 00020709 _____ C:\IFRToolLog.txt 2017-03-23 14:14 - 2015-05-13 15:01 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4183854035-1477589906-2272233396-1001 2017-03-23 14:09 - 2015-08-05 12:51 - 00000000 ___RD C:\Users\Edith Adole\OneDrive 2017-03-23 14:09 - 2015-05-13 14:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-03-23 14:09 - 2015-05-13 14:54 - 00000000 __SHD C:\Users\Edith Adole\IntelGraphicsProfiles 2017-03-22 21:26 - 2015-02-18 14:51 - 00153336 _____ C:\WINDOWS\system32\wpbbin.exe 2017-03-22 21:26 - 2015-02-18 14:51 - 00111088 _____ (Lenovo (Beijing) Limited) C:\WINDOWS\system32\LenovoCheck.exe 2017-03-22 21:26 - 2015-02-18 14:51 - 00026608 _____ (Lenovo) C:\WINDOWS\system32\LenovoUpdate.exe 2017-03-22 21:26 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-22 20:31 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-22 20:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-22 20:18 - 2015-05-20 
14:38 - 00000000 ____D C:\Program Files\AVAST Software 2017-03-22 20:18 - 2015-05-20 13:56 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-22 19:36 - 2015-05-20 14:38 - 00548928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149020781962509 2017-03-22 19:33 - 2015-05-20 14:38 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149020781628104 2017-03-22 19:33 - 2015-05-20 14:38 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.149020781731206 2017-03-22 19:32 - 2015-05-20 13:37 - 00000000 ____D C:\ProgramData\Skype 2017-03-22 19:32 - 2015-05-20 13:28 - 00002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-22 19:29 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-03-22 19:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-03-22 19:13 - 2015-02-18 15:35 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-22 19:10 - 2015-05-20 13:50 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-22 19:07 - 2015-05-13 17:13 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2AFA4B7-C37D-4042-B1A7-10A13E7F2F48} 2017-03-22 19:00 - 2015-05-26 13:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-03-22 18:59 - 2015-05-26 13:57 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-03-22 17:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2017-03-18 08:25 - 2015-05-13 14:53 - 00000000 ____D C:\Users\Edith Adole 2017-03-10 14:09 - 2015-05-14 16:58 - 00000000 ____D C:\Users\Edith Adole\AppData\Roaming\.minecraft 2017-03-10 05:34 - 2016-09-25 10:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-03-10 05:34 - 2016-09-25 10:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-18 15:56 - 2015-02-18 15:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in 
TEMP: ==================== 2015-05-20 13:22 - 2014-11-21 16:18 - 0098824 _____ (McAfee Inc.) C:\Users\Edith Adole\AppData\Local\Temp\mccspuninstall.exe 2015-05-20 14:22 - 2015-05-20 14:23 - 50284752 _____ (Microsoft Corporation) C:\Users\Edith Adole\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe 2016-02-28 12:22 - 2016-02-28 12:22 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct10E3.tmp.exe 2016-11-27 09:35 - 2016-11-27 09:35 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct1C13.tmp.exe 2016-09-21 10:49 - 2016-09-21 10:49 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct4D58.tmp.exe 2016-04-15 19:38 - 2016-04-15 19:39 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct61A9.tmp.exe 2016-02-09 18:50 - 2016-02-09 18:50 - 63078488 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct622C.tmp.exe 2015-08-05 20:32 - 2015-10-12 17:18 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct7CE6.tmp.exe 2016-03-09 16:15 - 2016-03-09 16:15 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct8D3C.tmp.exe 2016-07-25 13:18 - 2016-07-25 13:18 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct9C47.tmp.exe 2016-07-29 21:52 - 2016-07-29 21:52 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octEA69.tmp.exe 2015-10-31 10:16 - 2015-10-31 10:16 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octEE2C.tmp.exe 2016-03-12 15:04 - 2016-03-12 15:04 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octF17C.tmp.exe 2015-08-06 15:40 - 2015-08-06 15:50 - 250550320 _____ (AMD Inc.) 
C:\Users\Edith Adole\AppData\Local\Temp\tmp9BA0.exe 2015-05-20 12:12 - 2015-05-20 12:12 - 0061981 _____ () C:\Users\Edith Adole\AppData\Local\Temp\Uninstall.exe 2017-03-22 19:12 - 2017-03-22 19:28 - 14456872 _____ (Microsoft Corporation) C:\Users\Edith Adole\AppData\Local\Temp\vc_redist.x86.exe 2015-10-07 15:03 - 2016-09-06 15:01 - 0653105 _____ () C:\Users\Edith Adole\AppData\Local\Temp\_cdstarterbasic1.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-03-22 18:57 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017 durchgeführt von Edith Adole (23-03-2017 17:13:38) Gestartet von C:\Users\Edith Adole\Downloads Windows 8.1 (Update) (X64) (2015-05-13 13:52:40) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4183854035-1477589906-2272233396-500 - Administrator - Disabled) Edith Adole (S-1-5-21-4183854035-1477589906-2272233396-1001 - Administrator - Enabled) => C:\Users\Edith Adole Gast (S-1-5-21-4183854035-1477589906-2272233396-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4183854035-1477589906-2272233396-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) A Dwarf's Story (HKLM-x32\...\BFG-A Dwarf's Story) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{E13CC139-F76A-FD1B-7348-7FF200715B65}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) 
Beetle Ju 2 (HKLM-x32\...\Beetle Ju 2) (Version: - ) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Brickshooter Egypt (HKLM-x32\...\BFG-Brickshooter Egypt) (Version: - ) Bubble Snooker (HKLM-x32\...\Bubble Snooker) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant) Cradle of Rome 2 (HKLM-x32\...\BFG-Cradle of Rome 2) (Version: - ) Cursed House 3 (HKLM-x32\...\BFG-Cursed House 3) (Version: - ) Das Rettungsteam 5 (HKLM-x32\...\BFG-Das Rettungsteam 5) (Version: - ) Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: - ) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Fishdom (HKLM-x32\...\BFG-Fishdom) (Version: - ) Goldfield (VOLLVERSION) (HKLM-x32\...\Goldfield (VOLLVERSION)) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Gummy Drop! (HKLM-x32\...\BFG-Gummy Drop!) (Version: - ) Hühner-Rache (VOLLVERSION) (HKLM-x32\...\Hühner-Rache (VOLLVERSION)) (Version: - ) Imperial Island 3 (HKLM-x32\...\BFG-Imperial Island 3) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Jumping Jeff (HKLM-x32\...\Jumping Jeff) (Version: - ) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) 
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden LG United Mobile Drivers (HKLM-x32\...\{8070D005-E454-4F1E-B85C-81EF31B58C35}) (Version: 3.11.2.0 - LG Electronics) Luxor Amun Rising (HKLM-x32\...\BFG-Luxor Amun Rising) (Version: - ) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Metal Chicken (HKLM-x32\...\Metal Chicken) (Version: - ) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) MoorhuhnX (HKLM-x32\...\BFG-MoorhuhnX) (Version: - ) Next Stop 2 (HKLM-x32\...\BFG-Next Stop 2) (Version: - ) OEM Application Profile (HKLM-x32\...\{B7A04A71-5DDD-9FA5-66ED-C3CC33152388}) (Version: 1.00.0000 - Ihr Firmenname) Planet Zet (VOLLVERSION) (HKLM-x32\...\Planet Zet (VOLLVERSION)) (Version: - ) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Shadowplay: Die Inkarnation des Bösen Sammleredition (HKLM-x32\...\BFG-Shadowplay - Die Inkarnation des Bösen Sammleredition) (Version: - ) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.132 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) 
Travel Riddles: Trip to India (HKLM-x32\...\BFG-Travel Riddles - Trip to India) (Version: - ) Unity Web Player (HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Whispered Secrets: Ewiges Feuer Sammleredition (HKLM-x32\...\BFG-Whispered Secrets - Ewiges Feuer Sammleredition) (Version: - ) World of Tanks (HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {112A1A05-23DB-4918-867E-B9EFF243FA18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {317EAEBE-7AA5-4331-969D-327B452B35A2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {420B9A6A-E36F-4C7B-AC7E-F6E43C559EB9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {4239A3AF-1AA2-4909-9B52-2AC644FEA490} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {545492C9-DE14-420E-8CF3-E8CEFD2F55F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) 
Task: {5AD630C4-181B-438A-B3D9-C284957F8B7D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {7EA742F9-D9B9-4EC1-A349-8A394986842F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {93A5E216-699C-43B0-A4CC-FD32DE9DA4CC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {93BF74A8-CF14-4D90-B154-3FC813FE1451} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {984C9EFC-975F-49A7-A790-FBF33ACBE989} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {ACC1CEFA-CAAC-4ECF-BF4F-0261393DA134} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {CA260D2F-4D66-4311-B620-F6A4F8F8CC77} - System32\Tasks\{FB43510D-0E15-42AA-8AF0-050513636E88} => pcalua.exe -a "C:\Program Files (x86)\Lenovo\VisualDiscovery\uninstall.exe" Task: {CF3C311A-5D97-4ADD-9E4A-A8CB61121FC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) Task: {D1522440-7CDF-4846-92A7-C4C14D6FD1D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe Task: {E132739B-D60A-4ED7-9D3D-D5BA273D9C5A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E62EE9E0-1336-44D6-A3FE-0303B5A00FDC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Edith Adole\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-03-22 19:10 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-03-22 19:10 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-02-18 16:45 - 2014-10-22 10:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-02-18 07:36 - 2016-12-06 23:22 - 00401904 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-02-18 16:45 - 2014-10-22 10:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe 2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-02-10 19:34 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-10 19:34 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Temp:036B81D9 [193] AlternateDataStreams: C:\ProgramData\Temp:0778CBF2 [102] AlternateDataStreams: C:\ProgramData\Temp:160ADF0B [284] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:39D79675 [133] AlternateDataStreams: C:\ProgramData\Temp:473A733D [144] AlternateDataStreams: C:\ProgramData\Temp:4B4D7EF3 [147] AlternateDataStreams: C:\ProgramData\Temp:73781C4C [124] AlternateDataStreams: C:\ProgramData\Temp:797D4F54 [290] AlternateDataStreams: C:\ProgramData\Temp:8277EEB5 [110] AlternateDataStreams: C:\ProgramData\Temp:9B711F92 [149] AlternateDataStreams: C:\ProgramData\Temp:CB3F19A5 [146] AlternateDataStreams: C:\ProgramData\Temp:D8936165 [146] AlternateDataStreams: C:\ProgramData\Temp:F1175E1D [147] AlternateDataStreams: C:\ProgramData\Temp:F3029A65 [124] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "ForteConfig" HKLM\...\StartupApproved\Run32: => "EEventManager" HKLM\...\StartupApproved\Run32: => "FUFAXSTM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "DownSpeedTest AppIntegrator 64-bit" HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk" HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "EPSON53AF49 (Epson Stylus Office BX620FWD)" HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "TomTomHOME.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5C8471C9-F54E-411F-B088-8B09B00A4D70}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{4B199FC5-BBED-42C8-A97D-ABB0BFFE5026}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{1843ABD5-A9EE-4423-90E0-EFCFC4C64147}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{D3E149EE-6B04-421C-81A8-93F2B7D49118}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{3B29D421-3D48-4BD8-BC07-3426EB30AB61}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{D9143FE6-D072-4E97-AFE0-60DF3922DC9F}] => (Allow) LPort=55100 FirewallRules: [{0D525D0D-76AA-446A-A8E2-959B3431E62F}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{42D3A887-DAB5-4EA2-8884-E0544263B6C5}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [{25A0F24F-9A34-47FB-B960-0786CCD543B2}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [TCP Query User{81BF6A79-4F0A-4E1C-BCA1-3D082DA113ED}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{1014B9C7-AD91-4CC2-A9D1-A5EF35AC35DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{51D9A018-8727-45B8-BF67-B97840CB39F1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{CB7FAC6C-862B-4EBF-8683-81929A0C02E5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{6E994FC8-A272-43FF-A50C-A710328264AE}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) 
C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{528037C6-450C-424C-9A7C-6A5BAC1DE462}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{A261D12E-DAB2-4610-9014-23EDC48E8B7E}C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{48E5CAA9-90FB-4342-B1FF-65A1B8564EBA}C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{13AC6F7C-9527-40C4-983D-C74590B12C1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 04-03-2017 12:24:48 Windows Update 10-03-2017 14:03:24 Windows Update 22-03-2017 18:58:52 Windows Update 22-03-2017 19:37:14 Revo Uninstaller's restore point - Avast Free Antivirus ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/23/2017 02:19:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:18:38 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:55 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:14:56 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/23/2017 02:14:56 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/23/2017 02:14:23 PM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),)) Error: (03/23/2017 02:14:22 PM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),)) Systemfehler: ============= Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/22/2017 09:27:08 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.30 registriert werden. Der Computer mit IP-Adresse 192.168.0.28 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (03/22/2017 09:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (03/22/2017 09:25:31 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4183854035-1477589906-2272233396-1001-03222017212531188-ntuser.dat Error: (03/22/2017 09:22:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. CodeIntegrity: =================================== Date: 2016-01-04 16:47:55.746 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-01-04 16:47:55.611 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:55.468 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:55.322 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.982 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.645 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.301 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:53.927 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:53.784 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-01-04 16:47:53.654 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 8106.45 MB Verfügbarer physikalischer RAM: 5620.14 MB Summe virtueller Speicher: 9386.45 MB Verfügbarer virtueller Speicher: 6854.81 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.31 GB) (Free:809.98 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.86 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FB829DD) Partition: GPT. ==================== Ende von Addition.txt ============================ |
23.03.2017, 17:26 | #2 |
| Removing IStartPageeing..... You have landed in the wrong subforum. You need to go one level up. To log analysis or Plagegeister
__________________ |
23.03.2017, 17:29 | #3 |
Banned | Removing IStartPageeing..... Post it here instead: http://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/ Alternative, since your friend's laptop has apparently been infected quite often already: back up the data, delete the partitions, format the hard drive, recreate the partitions, and then reinstall Windows, the programs and everything else completely from scratch.
__________________ |
23.03.2017, 17:46 | #4 |
| Removing IStartPageeing..... Hmm, can someone move the post somehow then? EDIT: Never mind. I have now written a new post.... Edited by calimero100 (23.03.2017 at 17:53) |
23.03.2017, 17:55 | #5 |
/// TB Trainer | Removing IStartPageeing..... I have done that; it will be binned |
23.03.2017, 17:56 | #6 |
/// TB Trainer | Removing IStartPageeing..... My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and quick as possible, please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
23.03.2017, 18:13 | #7 |
| Removing IStartPageeing.....Code:
9BF27BE5D9F87E556BF4269025703E4D, A4BF5514BD6FFA9FEA5AF4DCCCB92DEB93261731A4B5814177D2680883D0C09A ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 20:29:27.0176 0x150c jhi_service - ok 20:29:27.0202 0x150c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 20:29:27.0213 0x150c kbdclass - ok 20:29:27.0218 0x150c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 20:29:27.0219 0x150c kbdhid - ok 20:29:27.0223 0x150c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 20:29:27.0224 0x150c kdnic - ok 20:29:27.0239 0x150c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 20:29:27.0241 0x150c KeyIso - ok 20:29:27.0244 0x150c KMDFVirtualKbd - ok 20:29:27.0272 0x150c [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys 20:29:27.0289 0x150c KMDFVirtualMouse - ok 20:29:27.0320 0x150c [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 20:29:27.0323 0x150c KSecDD - ok 20:29:27.0359 0x150c [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 20:29:27.0363 0x150c KSecPkg - ok 20:29:27.0381 0x150c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 20:29:27.0382 0x150c ksthunk - ok 20:29:27.0412 0x150c [ C1591A66028C71147A3E2EAB0B1CCB7E, 
82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 20:29:27.0419 0x150c KtmRm - ok 20:29:27.0466 0x150c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 20:29:27.0475 0x150c LanmanServer - ok 20:29:27.0511 0x150c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 20:29:27.0521 0x150c LanmanWorkstation - ok 20:29:27.0541 0x150c [ 181B70F7007918ACAD0CC96F261C9B77, 1A4206A8CDDA4FCCB9CC9429CCF2236AD2439C10F7B9B0A6162127968443AC84 ] LenovoUpdate C:\WINDOWS\system32\LenovoUpdate.exe 20:29:27.0543 0x150c LenovoUpdate - ok 20:29:27.0641 0x150c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 20:29:27.0667 0x150c lfsvc - ok 20:29:27.0695 0x150c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 20:29:27.0706 0x150c lltdio - ok 20:29:27.0742 0x150c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 20:29:27.0749 0x150c lltdsvc - ok 20:29:27.0781 0x150c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 20:29:27.0783 0x150c lmhosts - ok 20:29:27.0841 0x150c [ E4267604E975EF4BBB1A39A1B4F5B3CB, 4FC4D213A209F96893819EC7971BEA9651BAF4BF999304FB20556ACF98ADBB9C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 20:29:27.0849 0x150c LMS - ok 20:29:27.0869 0x150c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 
20:29:27.0881 0x150c LSI_SAS - ok 20:29:27.0895 0x150c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 20:29:27.0897 0x150c LSI_SAS2 - ok 20:29:27.0918 0x150c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 20:29:27.0920 0x150c LSI_SAS3 - ok 20:29:27.0925 0x150c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 20:29:27.0927 0x150c LSI_SSS - ok 20:29:27.0972 0x150c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 20:29:28.0001 0x150c LSM - ok 20:29:28.0022 0x150c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 20:29:28.0024 0x150c luafv - ok 20:29:28.0082 0x150c [ 835E1D6B5835EF70FC3BDF93ED42243A, 0025D232ED0FF9A572F8004094CFE21F62070DB832398345425554334E036DA6 ] MBAMChameleon C:\WINDOWS\system32\drivers\MBAMChameleon.sys 20:29:28.0086 0x150c MBAMChameleon - ok 20:29:28.0144 0x150c [ E8E0D53AA910D8BC60A403E77DBA9B8C, D86EE7F845DB20230A036C26383A6F4314F80489A1D15C2A969A0C3C63706B7D ] MBAMFarflt C:\WINDOWS\system32\drivers\farflt.sys 20:29:28.0146 0x150c MBAMFarflt - ok 20:29:28.0171 0x150c [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection C:\WINDOWS\system32\drivers\mbam.sys 20:29:28.0173 0x150c MBAMProtection - ok 20:29:28.0686 0x150c [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 20:29:28.0758 0x150c MBAMService - ok 20:29:28.0844 0x150c [ F8E8B0977741F114407494174522B71A, 
6A3FE40D4649D89ABED007FFF13C38F021284265EC692C6190FF0EF8BDECF99C ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 20:29:28.0847 0x150c MBAMSwissArmy - ok 20:29:28.0891 0x150c [ 71C365620D484750948664AA4A579AB3, A60DBF3BD252ABC63BAD3571F3DF88BAD45FB76336FC52B88FAE0665C3D40D44 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys 20:29:28.0893 0x150c MBAMWebProtection - ok 20:29:28.0905 0x150c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 20:29:28.0907 0x150c megasas - ok 20:29:28.0937 0x150c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 20:29:28.0948 0x150c megasr - ok 20:29:28.0974 0x150c [ A37A2ED3321A7A7BC85FA05221051A7F, 32E75126F3480DC59C480D821A717E5AC2639912D515693557EBF999B7DB0B10 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 20:29:28.0976 0x150c MEIx64 - ok 20:29:29.0004 0x150c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 20:29:29.0006 0x150c MMCSS - ok 20:29:29.0010 0x150c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 20:29:29.0012 0x150c Modem - ok 20:29:29.0024 0x150c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 20:29:29.0025 0x150c monitor - ok 20:29:29.0065 0x150c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 20:29:29.0067 0x150c mouclass - ok 20:29:29.0093 0x150c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 20:29:29.0094 
0x150c mouhid - ok 20:29:29.0123 0x150c [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 20:29:29.0125 0x150c mountmgr - ok 20:29:29.0145 0x150c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 20:29:29.0147 0x150c mpsdrv - ok 20:29:29.0202 0x150c [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 20:29:29.0228 0x150c MpsSvc - ok 20:29:29.0250 0x150c [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 20:29:29.0253 0x150c MRxDAV - ok 20:29:29.0298 0x150c [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:29:29.0305 0x150c mrxsmb - ok 20:29:29.0346 0x150c [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 20:29:29.0351 0x150c mrxsmb10 - ok 20:29:29.0396 0x150c [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 20:29:29.0400 0x150c mrxsmb20 - ok 20:29:29.0435 0x150c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 20:29:29.0453 0x150c MsBridge - ok 20:29:29.0493 0x150c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 20:29:29.0513 0x150c MSDTC - ok 20:29:29.0550 0x150c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs 
C:\WINDOWS\system32\drivers\Msfs.sys 20:29:29.0553 0x150c Msfs - ok 20:29:29.0566 0x150c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 20:29:29.0569 0x150c msgpiowin32 - ok 20:29:29.0580 0x150c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 20:29:29.0581 0x150c mshidkmdf - ok 20:29:29.0593 0x150c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 20:29:29.0594 0x150c mshidumdf - ok 20:29:29.0608 0x150c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 20:29:29.0609 0x150c msisadrv - ok 20:29:29.0640 0x150c [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 20:29:29.0645 0x150c MSiSCSI - ok 20:29:29.0648 0x150c msiserver - ok 20:29:29.0662 0x150c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:29:29.0663 0x150c MSKSSRV - ok 20:29:29.0694 0x150c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 20:29:29.0696 0x150c MsLldp - ok 20:29:29.0713 0x150c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:29:29.0714 0x150c MSPCLOCK - ok 20:29:29.0717 0x150c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 20:29:29.0719 0x150c MSPQM - ok 20:29:29.0737 0x150c [ 
BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 20:29:29.0744 0x150c MsRPC - ok 20:29:29.0760 0x150c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 20:29:29.0761 0x150c mssmbios - ok 20:29:29.0772 0x150c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 20:29:29.0773 0x150c MSTEE - ok 20:29:29.0788 0x150c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 20:29:29.0790 0x150c MTConfig - ok 20:29:29.0818 0x150c [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\WINDOWS\system32\Drivers\mup.sys 20:29:29.0821 0x150c Mup - ok 20:29:29.0837 0x150c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 20:29:29.0839 0x150c mvumis - ok 20:29:29.0868 0x150c [ EBD7D5781E446C5F367F97944014BC7F, 86BAF4C4B0933CD9E26FEA98844A46FC3FE932A978F358B0CDB01ED87217EFB9 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:29:29.0875 0x150c MyWiFiDHCPDNS - ok 20:29:29.0917 0x150c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 20:29:29.0929 0x150c napagent - ok 20:29:29.0967 0x150c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 20:29:29.0976 0x150c NativeWifiP - ok 20:29:30.0008 0x150c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 
20:29:30.0014 0x150c NcaSvc - ok 20:29:30.0025 0x150c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 20:29:30.0029 0x150c NcbService - ok 20:29:30.0063 0x150c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 20:29:30.0066 0x150c NcdAutoSetup - ok 20:29:30.0137 0x150c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 20:29:30.0162 0x150c NDIS - ok 20:29:30.0189 0x150c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 20:29:30.0191 0x150c NdisCap - ok 20:29:30.0213 0x150c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 20:29:30.0216 0x150c NdisImPlatform - ok 20:29:30.0235 0x150c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:29:30.0237 0x150c NdisTapi - ok 20:29:30.0265 0x150c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:29:30.0267 0x150c Ndisuio - ok 20:29:30.0277 0x150c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 20:29:30.0278 0x150c NdisVirtualBus - ok 20:29:30.0314 0x150c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:29:30.0320 0x150c NdisWan - ok 20:29:30.0328 0x150c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 
4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:29:30.0333 0x150c NdisWanLegacy - ok 20:29:30.0371 0x150c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 20:29:30.0382 0x150c NDProxy - ok 20:29:30.0403 0x150c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 20:29:30.0406 0x150c Ndu - ok 20:29:30.0435 0x150c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 20:29:30.0437 0x150c NetBIOS - ok 20:29:30.0475 0x150c [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 20:29:30.0482 0x150c NetBT - ok 20:29:30.0502 0x150c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 20:29:30.0506 0x150c Netlogon - ok 20:29:30.0530 0x150c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 20:29:30.0550 0x150c Netman - ok 20:29:30.0618 0x150c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 20:29:30.0646 0x150c netprofm - ok 20:29:30.0690 0x150c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:29:30.0695 0x150c NetTcpPortSharing - ok 20:29:30.0733 0x150c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 20:29:30.0735 
0x150c netvsc - ok 20:29:30.0861 0x150c [ B6BCFDDE16B379D63BE83C324E764A5D, 3AEA0777FA673D894EA85556F7A40B804CF08BA9F058B45676E27E386BCC2441 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\Netwbw02.sys 20:29:30.0976 0x150c NETwNb64 - ok 20:29:31.0149 0x150c [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew02.sys 20:29:31.0290 0x150c NETwNe64 - ok 20:29:31.0336 0x150c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 20:29:31.0347 0x150c NlaSvc - ok 20:29:31.0375 0x150c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 20:29:31.0377 0x150c Npfs - ok 20:29:31.0390 0x150c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 20:29:31.0391 0x150c npsvctrig - ok 20:29:31.0414 0x150c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 20:29:31.0416 0x150c nsi - ok 20:29:31.0445 0x150c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 20:29:31.0447 0x150c nsiproxy - ok 20:29:31.0536 0x150c [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 20:29:31.0590 0x150c Ntfs - ok 20:29:31.0611 0x150c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 20:29:31.0612 0x150c Null - ok 20:29:31.0639 0x150c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid 
C:\WINDOWS\system32\drivers\nvraid.sys 20:29:31.0644 0x150c nvraid - ok 20:29:31.0653 0x150c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 20:29:31.0659 0x150c nvstor - ok 20:29:31.0667 0x150c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 20:29:31.0672 0x150c nv_agp - ok 20:29:31.0686 0x150c OKOControlSvc - ok 20:29:31.0926 0x150c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 20:29:31.0942 0x150c p2pimsvc - ok 20:29:31.0974 0x150c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 20:29:31.0986 0x150c p2psvc - ok 20:29:32.0010 0x150c [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\WINDOWS\System32\drivers\parport.sys 20:29:32.0015 0x150c Parport - ok 20:29:32.0046 0x150c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 20:29:32.0050 0x150c partmgr - ok 20:29:32.0093 0x150c [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 20:29:32.0109 0x150c PcaSvc - ok 20:29:32.0143 0x150c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 20:29:32.0151 0x150c pci - ok 20:29:32.0174 0x150c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 20:29:32.0175 0x150c pciide - ok 20:29:32.0190 0x150c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 
27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 20:29:32.0194 0x150c pcmcia - ok 20:29:32.0207 0x150c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 20:29:32.0209 0x150c pcw - ok 20:29:32.0233 0x150c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 20:29:32.0236 0x150c pdc - ok 20:29:32.0267 0x150c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 20:29:32.0283 0x150c PEAUTH - ok 20:29:32.0376 0x150c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 20:29:32.0378 0x150c PerfHost - ok 20:29:32.0474 0x150c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 20:29:32.0507 0x150c pla - ok 20:29:32.0553 0x150c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 20:29:32.0557 0x150c PlugPlay - ok 20:29:32.0588 0x150c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 20:29:32.0590 0x150c PNRPAutoReg - ok 20:29:32.0610 0x150c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 20:29:32.0618 0x150c PNRPsvc - ok 20:29:32.0644 0x150c [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\WINDOWS\System32\drivers\point64.sys 20:29:32.0646 0x150c Point64 - ok 20:29:32.0687 0x150c [ 0FF8507A8B901B904E98EB36B9E347EE, 
FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 20:29:32.0696 0x150c PolicyAgent - ok 20:29:32.0725 0x150c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 20:29:32.0728 0x150c Power - ok 20:29:32.0753 0x150c [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 20:29:32.0756 0x150c PptpMiniport - ok 20:29:32.0905 0x150c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 20:29:32.0968 0x150c PrintNotify - ok 20:29:32.0992 0x150c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 20:29:32.0995 0x150c Processor - ok 20:29:33.0049 0x150c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 20:29:33.0056 0x150c ProfSvc - ok 20:29:33.0085 0x150c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 20:29:33.0089 0x150c Psched - ok 20:29:33.0119 0x150c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 20:29:33.0127 0x150c QWAVE - ok 20:29:33.0159 0x150c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 20:29:33.0161 0x150c QWAVEdrv - ok 20:29:33.0187 0x150c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:29:33.0189 0x150c RasAcd - 
\Device\Harddisk0\DR0\Partition4 - ok 20:29:44.0920 0x150c [ F4F1B657C0D5F7A44E73B1DE244A1A38 ] \Device\Harddisk0\DR0\Partition5 20:29:44.0921 0x150c \Device\Harddisk0\DR0\Partition5 - ok 20:29:44.0946 0x150c [ B9DA9E7A44178B8B7D5D002B8BA140D7 ] \Device\Harddisk0\DR0\Partition6 20:29:44.0947 0x150c \Device\Harddisk0\DR0\Partition6 - ok 20:29:44.0964 0x150c [ 96FF1FA24890410AC0ED645A71C55A4F ] \Device\Harddisk0\DR0\Partition7 20:29:44.0965 0x150c \Device\Harddisk0\DR0\Partition7 - ok 20:29:44.0965 0x150c ================ Scan generic autorun ====================== 20:29:45.0036 0x150c [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe 20:29:45.0042 0x150c ForteConfig - ok 20:29:45.0102 0x150c [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe 20:29:45.0126 0x150c SmartAudio - ok 20:29:45.0187 0x150c [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 20:29:45.0200 0x150c cAudioFilterAgent - ok 20:29:45.0201 0x150c SynTPEnh - ok 20:29:45.0682 0x150c [ 026AA22764DF14C4E1E89F5037FBEF28, 9095488F1B6ED4279D80D4A00298909486AB4606502BD3B099AA05E0647E9286 ] C:\WINDOWS\RTFTrack.exe 20:29:45.0737 0x150c RtsFT - ok 20:29:46.0302 0x150c MRT - ok 20:29:46.0566 0x150c [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe 20:29:46.0621 0x150c Malwarebytes TrayApp - ok 20:29:46.0967 0x150c [ E2134E81AEFE21E8BF0E45996951B161, 69DC7CDB4B9ECD92C6D747152083714BD368066CEFEC9D5AB120E2F3CF2A7BD0 ] c:\program files\emsisoft anti-malware\a2guard.exe 20:29:47.0099 0x150c emsisoft anti-malware - ok 20:29:47.0168 0x150c [ 09774D410A9DF3357E2223B154344C37, 
F07786F0677665F60BD21D0BDC76C4911FBA40DFF6D10CBF1289F794515DAA6E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 20:29:47.0179 0x150c StartCCC - ok 20:29:47.0395 0x150c [ F80FFD4517C0B8025ECC54FBB30F88C4, 6CA7A9E037568D4F32C78A67A5D85A05A4CA858FA3D295ACB6ED508D44782264 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe 20:29:47.0411 0x150c FUFAXSTM - ok 20:29:47.0470 0x150c [ 1568FF282E268082C67CF0C3EBCC9179, B328A9B6B1B3D5FC618F4777F9F59C8C2A9882A13B27352F8B84AC3118E7FB07 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe 20:29:47.0493 0x150c EEventManager - ok 20:29:47.0558 0x150c [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 20:29:47.0572 0x150c SunJavaUpdateSched - ok 20:29:47.0635 0x150c [ 6D9C544ECF1D56AFDA3C03C19E75FE8B, 8FD676300ED596EDCB33F334709245424613CAB30868A2866785A47CBF689199 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE 20:29:47.0640 0x150c EPSON53AF49 (Epson Stylus Office BX620FWD) - ok 20:29:47.0913 0x150c [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe 20:29:48.0087 0x150c CCleaner Monitoring - ok 20:29:48.0181 0x150c [ 706A181D11D8589B0A9E2625E72423CF, BC0624B3BF5312DF5B54D6B23ADD7C6E94708968E4ACC3340BE23A3E87A8D2E0 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe 20:29:48.0186 0x150c TomTomHOME.exe - ok 20:29:48.0187 0x150c Waiting for KSN requests completion. 
In queue: 137 20:29:49.0241 0x150c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 20:29:49.0242 0x150c AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 2017.2.1.7260 ), 0x41000 ( enabled : updated ) 20:29:49.0243 0x150c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.138 ), 0x61000 ( enabled : updated ) 20:29:49.0249 0x150c Win FW state via NFP2: enabled ( trusted ) 20:29:52.0760 0x150c ============================================================ 20:29:52.0760 0x150c Scan finished 20:29:52.0760 0x150c ============================================================ 20:29:52.0765 0x151c Detected object count: 0 20:29:52.0765 0x151c Actual detected object count: 0 20:29:56.0434 0x1144 Deinitialize success |
23.03.2017, 18:14 | #8 |
| Remove IStartPageeing..... Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Edith Adole (Administrator) auf EDITH (23-03-2017 18:03:43)
Gestartet von C:\Users\Edith Adole\Desktop
Geladene Profile: Edith Adole (Verfügbare Profile: Edith Adole)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(AO Kaspersky Lab) C:\Users\Edith Adole\Downloads\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\Edith Adole\AppData\Local\Temp\{23189F8C-F386-484C-B2CE-31B6B1C353B0}\{58202A85-2B19-4171-8375-14D4694290F9}.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2809072 2014-10-21] (Synaptics Incorporated)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-12-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [EPSON53AF49 (Epson Stylus Office BX620FWD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\RunOnce: [Application Restart #3] => C:\Users\Edith Adole\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web- (Der Dateneintrag hat 595 mehr Zeichen).
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\MountPoints2: {ac346e34-5f6a-11e5-8278-d07e35f1b26e} - "F:\LG_PC_Programs.exe"
HKU\S-1-5-18\...\Run: [EPSON53AF49 (Epson Stylus Office BX620FWD)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54706;https=127.0.0.1:54706
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{375D9BE3-DCEE-4D59-9B34-7D4D0E128E9E}: [DhcpNameServer] 150.206.1.3
Tcpip\..\Interfaces\{7682B663-06A9-4D1B-937D-2897DF760201}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131150628766507258&GUID=0B50AE7A-2ED7-4FF5-87AC-008FF206976D
URLSearchHook: HKU\S-1-5-21-4183854035-1477589906-2272233396-1001 - (Kein Name) - {0740f3dd-e1f0-4ec6-8855-04f999d071fa} - C:\Program Files (x86)\DownSpeedTest_dq\bar\1.bin\dqSrcAs.dll Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4183854035-1477589906-2272233396-1001 -> {A173D964-1480-40EA-8AE1-216F92CA013A} URL =
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Edith Adole\AppData\Roaming\TomTom\HOME\Profiles\4vs5y4zp.default [2016-05-26]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-05-26] [ist nicht signiert]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-4183854035-1477589906-2272233396-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Edith Adole\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.istartpageing.com/?type=hp&ts=1449758639&z=702fb6b54e58e460a9355ccg7z4zbt8m1w4b9qfz7m&from=cvs&uid=ST1000LM024XHN-M101MBB_S30YJ9AG176371"
CHR Profile: C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default [2017-03-23]
CHR Extension: (Google Präsentationen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-20]
CHR Extension: (Google Docs) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-20]
CHR Extension: (Google Drive) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Google-Suche) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Tabellen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-20]
CHR Extension: (Google Docs Offline) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2017-01-28]
CHR Extension: (Skype) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Google Mail) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\Edith Adole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-12-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R3 LenovoUpdate; C:\WINDOWS\System32\LenovoUpdate.exe [26608 2017-03-22] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-10-21] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U3 06998072; kein ImagePath
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [19456 2014-04-14] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-03-28] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-03-28] (LG Electronics Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation)
S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-23] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-10-21] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ACPIVPC; \SystemRoot\System32\drivers\AcpiVpc.sys [X]
S3 aswHdsKe; \??\C:\WINDOWS\system32\drivers\aswHdsKe.sys [X]
S3 KMDFVirtualKbd; \SystemRoot\System32\drivers\KMDFVirtualKbd.sys [X]
S2 MBAMChameleon; \SystemRoot\system32\drivers\MBAMChameleon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-23 18:03 - 2017-03-23 18:03 - 00019108 _____ C:\Users\Edith Adole\Desktop\FRST.txt
2017-03-23 18:01 - 2017-03-23 18:03 - 00232364 _____ C:\TDSSKiller.3.1.0.12_23.03.2017_18.01.26_log.txt
2017-03-23 18:01 - 2017-03-23 18:01 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Edith Adole\Downloads\tdsskiller.exe
2017-03-23 17:13 - 2017-03-23 17:14 - 00033807 _____ C:\Users\Edith Adole\Downloads\Addition.txt
2017-03-23 17:12 - 2017-03-23 18:03 - 00000000 ____D C:\FRST
2017-03-23 17:12 - 2017-03-23 17:14 - 00028310 _____ C:\Users\Edith Adole\Downloads\FRST.txt
2017-03-23 17:12 - 2017-03-23 17:12 - 02424832 _____ (Farbar) C:\Users\Edith Adole\Desktop\FRST64.exe
2017-03-23 14:17 - 2017-03-23 14:17 - 02870984 _____ (ESET) C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe
2017-03-23 14:17 - 2017-03-23 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-03-22 21:09 - 2017-03-23 16:43 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-22 21:09 - 2017-03-22 21:26 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-22 21:09 - 2017-03-22 21:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-22 21:08 - 2017-03-22 21:26 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-22 21:08 - 2017-03-22 21:08 - 00001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-22 21:08 - 2017-03-22 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-22 21:08 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-22 20:28 - 2017-03-22 20:29 - 00234360 _____ C:\TDSSKiller.3.1.0.12_22.03.2017_20.28.56_log.txt
2017-03-22 20:07 - 2017-03-22 20:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Edith Adole\Downloads\HijackThis.exe
2017-03-22 20:06 - 2017-03-22 21:07 - 00000000 ____D C:\ProgramData\Emsisoft
2017-03-22 19:36 - 2017-03-22 20:11 - 00000000 ____D C:\AdwCleaner
2017-03-22 19:34 - 2017-03-22 19:34 - 04031440 _____ C:\Users\Edith Adole\Downloads\AdwCleaner_6.044.exe
2017-03-22 19:32 - 2017-03-22 19:35 - 242325016 _____ (Emsisoft Ltd. ) C:\Users\Edith Adole\Downloads\EmsisoftAntiMalwareSetup.exe
2017-03-22 19:32 - 2017-03-22 19:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-22 19:32 - 2017-03-22 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-22 19:12 - 2017-03-22 19:12 - 00000000 ____D C:\Users\Edith Adole\Desktop\mbar
2017-03-22 19:10 - 2017-03-22 19:10 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-22 19:07 - 2017-03-22 19:08 - 57131432 _____ (Malwarebytes ) C:\Users\Edith Adole\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-04 12:35 - 2017-03-10 14:09 - 00000912 _____ C:\Users\Edith Adole\Desktop\nativelog.txt
2017-03-04 12:34 - 2017-03-10 14:14 - 00000000 ____D C:\Program Files (x86)\Minecraft

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-23 17:28 - 2015-05-13 15:01 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4183854035-1477589906-2272233396-1001
2017-03-23 14:14 - 2016-07-09 17:00 - 00020709 _____ C:\IFRToolLog.txt
2017-03-23 14:09 - 2015-08-05 12:51 - 00000000 ____D C:\Users\Edith Adole\OneDrive
2017-03-23 14:09 - 2015-05-13 14:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-23 14:09 - 2015-05-13 14:54 - 00000000 __SHD C:\Users\Edith Adole\IntelGraphicsProfiles
2017-03-22 21:26 - 2015-02-18 14:51 - 00153336 _____ C:\WINDOWS\system32\wpbbin.exe
2017-03-22 21:26 - 2015-02-18 14:51 - 00111088 _____ (Lenovo (Beijing) Limited) C:\WINDOWS\system32\LenovoCheck.exe
2017-03-22 21:26 - 2015-02-18 14:51 - 00026608 _____ (Lenovo) C:\WINDOWS\system32\LenovoUpdate.exe
2017-03-22 21:26 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-22 20:31 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-22 20:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-22 20:18 - 2015-05-20 14:38 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-22 20:18 - 2015-05-20 13:56 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-22 19:36 - 2015-05-20 14:38 - 00548928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149020781962509
2017-03-22 19:33 - 2015-05-20 14:38 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149020781628104
2017-03-22 19:33 - 2015-05-20 14:38 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.149020781731206
2017-03-22 19:32 - 2015-05-20 13:37 - 00000000 ____D C:\ProgramData\Skype
2017-03-22 19:32 - 2015-05-20 13:28 - 00002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-22 19:29 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-22 19:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-03-22 19:13 - 2015-02-18 15:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-22 19:10 - 2015-05-20 13:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-22 19:07 - 2015-05-13 17:13 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2AFA4B7-C37D-4042-B1A7-10A13E7F2F48}
2017-03-22 19:00 - 2015-05-26 13:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-22 18:59 - 2015-05-26 13:57 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-22 17:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-03-18 08:25 - 2015-05-13 14:53 - 00000000 ____D C:\Users\Edith Adole
2017-03-10 14:09 - 2015-05-14 16:58 - 00000000 ____D C:\Users\Edith Adole\AppData\Roaming\.minecraft
2017-03-10 05:34 - 2016-09-25 10:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 05:34 - 2016-09-25 10:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-18 15:56 - 2015-02-18 15:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2015-05-20 13:22 - 2014-11-21 16:18 - 0098824 _____ (McAfee Inc.) C:\Users\Edith Adole\AppData\Local\Temp\mccspuninstall.exe
2015-05-20 14:22 - 2015-05-20 14:23 - 50284752 _____ (Microsoft Corporation) C:\Users\Edith Adole\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
2016-02-28 12:22 - 2016-02-28 12:22 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct10E3.tmp.exe
2016-11-27 09:35 - 2016-11-27 09:35 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct1C13.tmp.exe
2016-09-21 10:49 - 2016-09-21 10:49 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct4D58.tmp.exe
2016-04-15 19:38 - 2016-04-15 19:39 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct61A9.tmp.exe
2016-02-09 18:50 - 2016-02-09 18:50 - 63078488 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct622C.tmp.exe
2015-08-05 20:32 - 2015-10-12 17:18 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct7CE6.tmp.exe
2016-03-09 16:15 - 2016-03-09 16:15 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct8D3C.tmp.exe
2016-07-25 13:18 - 2016-07-25 13:18 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\oct9C47.tmp.exe
2016-07-29 21:52 - 2016-07-29 21:52 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octEA69.tmp.exe
2015-10-31 10:16 - 2015-10-31 10:16 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octEE2C.tmp.exe
2016-03-12 15:04 - 2016-03-12 15:04 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Edith Adole\AppData\Local\Temp\octF17C.tmp.exe
2015-08-06 15:40 - 2015-08-06 15:50 - 250550320 _____ (AMD Inc.) C:\Users\Edith Adole\AppData\Local\Temp\tmp9BA0.exe
2015-05-20 12:12 - 2015-05-20 12:12 - 0061981 _____ () C:\Users\Edith Adole\AppData\Local\Temp\Uninstall.exe
2017-03-22 19:12 - 2017-03-22 19:28 - 14456872 _____ (Microsoft Corporation) C:\Users\Edith Adole\AppData\Local\Temp\vc_redist.x86.exe
2015-10-07 15:03 - 2016-09-06 15:01 - 0653105 _____ () C:\Users\Edith Adole\AppData\Local\Temp\_cdstarterbasic1.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-22 18:57

==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017 durchgeführt von Edith Adole (23-03-2017 18:04:22) Gestartet von C:\Users\Edith Adole\Desktop Windows 8.1 (Update) (X64) (2015-05-13 13:52:40) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4183854035-1477589906-2272233396-500 - Administrator - Disabled) Edith Adole (S-1-5-21-4183854035-1477589906-2272233396-1001 - Administrator - Enabled) => C:\Users\Edith Adole Gast (S-1-5-21-4183854035-1477589906-2272233396-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4183854035-1477589906-2272233396-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) A Dwarf's Story (HKLM-x32\...\BFG-A Dwarf's Story) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{E13CC139-F76A-FD1B-7348-7FF200715B65}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) 
Beetle Ju 2 (HKLM-x32\...\Beetle Ju 2) (Version: - ) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Brickshooter Egypt (HKLM-x32\...\BFG-Brickshooter Egypt) (Version: - ) Bubble Snooker (HKLM-x32\...\Bubble Snooker) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant) Cradle of Rome 2 (HKLM-x32\...\BFG-Cradle of Rome 2) (Version: - ) Cursed House 3 (HKLM-x32\...\BFG-Cursed House 3) (Version: - ) Das Rettungsteam 5 (HKLM-x32\...\BFG-Das Rettungsteam 5) (Version: - ) Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: - ) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Fishdom (HKLM-x32\...\BFG-Fishdom) (Version: - ) Goldfield (VOLLVERSION) (HKLM-x32\...\Goldfield (VOLLVERSION)) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Gummy Drop! (HKLM-x32\...\BFG-Gummy Drop!) (Version: - ) Hühner-Rache (VOLLVERSION) (HKLM-x32\...\Hühner-Rache (VOLLVERSION)) (Version: - ) Imperial Island 3 (HKLM-x32\...\BFG-Imperial Island 3) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Jumping Jeff (HKLM-x32\...\Jumping Jeff) (Version: - ) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) 
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden LG United Mobile Drivers (HKLM-x32\...\{8070D005-E454-4F1E-B85C-81EF31B58C35}) (Version: 3.11.2.0 - LG Electronics) Luxor Amun Rising (HKLM-x32\...\BFG-Luxor Amun Rising) (Version: - ) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Metal Chicken (HKLM-x32\...\Metal Chicken) (Version: - ) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 
11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) MoorhuhnX (HKLM-x32\...\BFG-MoorhuhnX) (Version: - ) Next Stop 2 (HKLM-x32\...\BFG-Next Stop 2) (Version: - ) OEM Application Profile (HKLM-x32\...\{B7A04A71-5DDD-9FA5-66ED-C3CC33152388}) (Version: 1.00.0000 - Ihr Firmenname) Planet Zet (VOLLVERSION) (HKLM-x32\...\Planet Zet (VOLLVERSION)) (Version: - ) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Shadowplay: Die Inkarnation des Bösen Sammleredition (HKLM-x32\...\BFG-Shadowplay - Die Inkarnation des Bösen Sammleredition) (Version: - ) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.132 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) 
Travel Riddles: Trip to India (HKLM-x32\...\BFG-Travel Riddles - Trip to India) (Version: - ) Unity Web Player (HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Whispered Secrets: Ewiges Feuer Sammleredition (HKLM-x32\...\BFG-Whispered Secrets - Ewiges Feuer Sammleredition) (Version: - ) World of Tanks (HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {112A1A05-23DB-4918-867E-B9EFF243FA18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {317EAEBE-7AA5-4331-969D-327B452B35A2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {420B9A6A-E36F-4C7B-AC7E-F6E43C559EB9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE Task: {4239A3AF-1AA2-4909-9B52-2AC644FEA490} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {545492C9-DE14-420E-8CF3-E8CEFD2F55F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) 
Task: {5AD630C4-181B-438A-B3D9-C284957F8B7D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {7EA742F9-D9B9-4EC1-A349-8A394986842F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {93A5E216-699C-43B0-A4CC-FD32DE9DA4CC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {93BF74A8-CF14-4D90-B154-3FC813FE1451} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {984C9EFC-975F-49A7-A790-FBF33ACBE989} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {ACC1CEFA-CAAC-4ECF-BF4F-0261393DA134} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {CA260D2F-4D66-4311-B620-F6A4F8F8CC77} - System32\Tasks\{FB43510D-0E15-42AA-8AF0-050513636E88} => pcalua.exe -a "C:\Program Files (x86)\Lenovo\VisualDiscovery\uninstall.exe" Task: {CF3C311A-5D97-4ADD-9E4A-A8CB61121FC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) Task: {D1522440-7CDF-4846-92A7-C4C14D6FD1D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe Task: {E132739B-D60A-4ED7-9D3D-D5BA273D9C5A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E62EE9E0-1336-44D6-A3FE-0303B5A00FDC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Edith Adole\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-03-22 19:10 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-03-22 19:10 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-02-18 16:45 - 2014-10-22 10:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-02-18 07:36 - 2016-12-06 23:22 - 00401904 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-02-18 16:45 - 2014-10-22 10:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe 2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-02-10 19:34 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-10 19:34 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Temp:036B81D9 [193]
AlternateDataStreams: C:\ProgramData\Temp:0778CBF2 [102]
AlternateDataStreams: C:\ProgramData\Temp:160ADF0B [284]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:39D79675 [133]
AlternateDataStreams: C:\ProgramData\Temp:473A733D [144]
AlternateDataStreams: C:\ProgramData\Temp:4B4D7EF3 [147]
AlternateDataStreams: C:\ProgramData\Temp:73781C4C [124]
AlternateDataStreams: C:\ProgramData\Temp:797D4F54 [290]
AlternateDataStreams: C:\ProgramData\Temp:8277EEB5 [110]
AlternateDataStreams: C:\ProgramData\Temp:9B711F92 [149]
AlternateDataStreams: C:\ProgramData\Temp:CB3F19A5 [146]
AlternateDataStreams: C:\ProgramData\Temp:D8936165 [146]
AlternateDataStreams: C:\ProgramData\Temp:F1175E1D [147]
AlternateDataStreams: C:\ProgramData\Temp:F3029A65 [124]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "DownSpeedTest AppIntegrator 64-bit"
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\StartupFolder: => "hqghumeaylnlf.lnk"
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "EPSON53AF49 (Epson Stylus Office BX620FWD)"
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4183854035-1477589906-2272233396-1001\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5C8471C9-F54E-411F-B088-8B09B00A4D70}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{4B199FC5-BBED-42C8-A97D-ABB0BFFE5026}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{1843ABD5-A9EE-4423-90E0-EFCFC4C64147}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{D3E149EE-6B04-421C-81A8-93F2B7D49118}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{3B29D421-3D48-4BD8-BC07-3426EB30AB61}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{D9143FE6-D072-4E97-AFE0-60DF3922DC9F}] => (Allow) LPort=55100 FirewallRules: [{0D525D0D-76AA-446A-A8E2-959B3431E62F}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{42D3A887-DAB5-4EA2-8884-E0544263B6C5}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [{25A0F24F-9A34-47FB-B960-0786CCD543B2}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [TCP Query User{81BF6A79-4F0A-4E1C-BCA1-3D082DA113ED}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{1014B9C7-AD91-4CC2-A9D1-A5EF35AC35DE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{51D9A018-8727-45B8-BF67-B97840CB39F1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{CB7FAC6C-862B-4EBF-8683-81929A0C02E5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{6E994FC8-A272-43FF-A50C-A710328264AE}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) 
C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{528037C6-450C-424C-9A7C-6A5BAC1DE462}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{A261D12E-DAB2-4610-9014-23EDC48E8B7E}C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{48E5CAA9-90FB-4342-B1FF-65A1B8564EBA}C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\edith adole\appdata\local\temp\dlg\exe\c265d2eabf1113a914152a17bd14d702\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{13AC6F7C-9527-40C4-983D-C74590B12C1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 04-03-2017 12:24:48 Windows Update 10-03-2017 14:03:24 Windows Update 22-03-2017 18:58:52 Windows Update 22-03-2017 19:37:14 Revo Uninstaller's restore point - Avast Free Antivirus ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/23/2017 06:02:05 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:19:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:18:38 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:55 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:17:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Edith Adole\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (03/23/2017 02:14:56 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/23/2017 02:14:56 PM) (Source: lupdate) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/23/2017 02:14:23 PM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),)) Systemfehler: ============= Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/23/2017 02:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (03/23/2017 02:19:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\EDITHA~1\AppData\Local\Temp\ehdrv.sys Error: (03/22/2017 09:27:08 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.30 registriert werden. Der Computer mit IP-Adresse 192.168.0.28 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (03/22/2017 09:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (03/22/2017 09:25:31 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-4183854035-1477589906-2272233396-1001-03222017212531188-ntuser.dat Error: (03/22/2017 09:22:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMChameleon" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
CodeIntegrity: =================================== Date: 2016-01-04 16:47:55.746 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:55.611 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:55.468 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:55.322 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.982 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.645 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:54.301 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:53.927 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-01-04 16:47:53.784 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-04 16:47:53.654 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 33% Installierter physikalischer RAM: 8106.45 MB Verfügbarer physikalischer RAM: 5378.46 MB Summe virtueller Speicher: 9386.45 MB Verfügbarer virtueller Speicher: 6615.6 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.31 GB) (Free:808.67 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.86 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FB829DD) Partition: GPT. ==================== Ende von Addition.txt ============================
EDIT: I just noticed that I did not start TDDS Killer with the right parameters. New run with the right parameters -> no threats found.... Last edited by calimero100 (23.03.2017 at 18:20) |
24.03.2017, 20:16 | #9 |
| Removing IStartPageeing..... This has sorted itself out. My friend had to take the laptop back with him. But I still somehow managed to get rid of that IStartPageeing startup entry. In the end it worked with Zemana. Thanks for the effort anyway |
24.03.2017, 21:18 | #10 |
/// TB-Ausbilder | Removing IStartPageeing..... This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create a thread of your own. |