Trojaner-Board
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   windows 8.1 mauszeiger springt unkontrolliert (https://www.trojaner-board.de/189951-windows-8-1-mauszeiger-springt-unkontrolliert.html)

marosa 07.05.2018 09:56
hallo cosinus, gestern war dann ummöglich die logs zu erstellen, der mauszeiger lies mir nichts mehr machen...jetzt nach einige versuche und mehrmals neustart, habe ich es geschafft. Aber es wird immer schwieriger mit dem pc etwas zu machen :-(((
Hier die Logs:

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.05.2018 01
durchgeführt von maro (Administrator) auf IDEA-PC (07-05-2018 10:07:52)
Gestartet von C:\Users\maro\Downloads
Geladene Profile: maro (Verfügbare Profile: maro)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo Group Limited Company) C:\Program Files\Lenovo\Alpha\SpeedWatcherService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
(Microsoft) C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Limited Company) C:\Program Files\Lenovo\Alpha\AppService.exe
(Lenovo) C:\Program Files\Lenovo\VRSDK\VrService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
() C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\Real Protect\RealProtect.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Lenovo Group Limited Company) C:\Program Files\Lenovo\Alpha\WatcherService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Lenovo) C:\Program Files\Lenovo\LVT\LJYZ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Farbar) C:\Users\maro\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13637336 2013-08-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [AlphaShell] => C:\Program Files\Lenovo\Alpha\WatcherService.exe [162576 2014-03-13] (Lenovo Group Limited Company)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-14] (AVAST Software)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-14] (Lenovo)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2012-12-20] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-12-14] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167640 2012-12-14] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\RunLEDS.exe [1752920 2012-09-18] (Lenovo)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7165184 2018-04-29] (McAfee, Inc.)
HKLM-x32\...\RunOnce: [Kenudedul] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\maro\AppData\Roaming\Kapakefukake"
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] (Atheros Communications)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FamilySafetyGuide.lnk [2014-09-05]
ShortcutTarget: FamilySafetyGuide.lnk -> C:\Program Files\Lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{261DBBDF-37A0-4CB5-99BB-6259B0C244C1}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {5C96EB96-2718-4DA7-AE50-84966B5703AF} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {5C96EB96-2718-4DA7-AE50-84966B5703AF} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-18] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: q9q18j01.default-1510570972387
FF ProfilePath: C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387 [2018-05-06]
FF user.js: detected! => C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\user.js [2018-04-05]
FF Homepage: Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387 -> hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
FF Extension: (Web Security) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\contact@web-security.com.xpi [2018-04-05]
FF Extension: (Enhancer for YouTube™) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2018-04-29]
FF Extension: (uBlock Origin) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\uBlock0@raymondhill.net.xpi [2018-04-29]
FF Extension: (Avast Online Security) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\wrc@avast.com.xpi [2017-11-11]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2018-03-07]
FF SearchPlugin: C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\searchplugins\yahoo! powered.xml [2018-05-01]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-12-08] (Nitro PDF)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-256743273-220607553-549060437-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-14] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-14] (AVAST Software)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [150936 2018-02-25] (Byte Technologies LLC)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-04-04] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-04-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-04-23] (Dropbox, Inc.)
R2 HorizonTouchCentreSpeedUp; C:\Program Files\Lenovo\Alpha\SpeedWatcherService.exe [143632 2014-03-13] (Lenovo Group Limited Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft) [Datei ist nicht signiert]
R2 IdeaTouch.LocalDataServer.Game; C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe [7680 2013-01-17] (Microsoft) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LenovoAppService; C:\Program Files\Lenovo\Alpha\AppService.exe [173328 2014-03-13] (Lenovo Limited Company)
R2 LenovoVRService; C:\Program Files\Lenovo\VRSDK\VrService.exe [121832 2013-05-23] (Lenovo)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S4 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc.)
S4 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2016-12-08] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-05-01] (Byte Technologies LLC.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-31] (Atheros) [Datei ist nicht signiert]
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-04-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-07] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [227784 2018-04-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-04-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [147224 2018-04-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111352 2018-04-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-04-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-04-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-04-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-04-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-04-14] (AVAST Software)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-15] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 VMC412; C:\WINDOWS\System32\Drivers\VMC412.sys [232576 2012-09-24] (Vimicro Corporation)
R2 WBHWDOCT; C:\Program Files\Lenovo\Alpha\WBHWDOCT64.SYS [21656 2013-04-24] (Nuvoton Technology Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-07 10:07 - 2018-05-07 10:07 - 000000000 ____D C:\Users\maro\Downloads\FRST-OlderVersion
2018-05-06 10:58 - 2018-05-06 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2018-05-01 22:15 - 2018-05-01 22:15 - 000188886 _____ C:\Users\maro\Desktop\backup.zip 01.05.zip
2018-05-01 22:11 - 2018-05-01 22:10 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-05-01 22:11 - 2018-05-01 22:02 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-05-01 22:09 - 2018-05-01 22:09 - 001881544 _____ (Oracle Corporation) C:\Users\maro\Downloads\jre-8u171-windows-i586-iftw.exe
2018-05-01 22:06 - 2018-05-01 22:06 - 000000000 ____D C:\ProgramData\ByteFence
2018-05-01 22:02 - 2018-05-01 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-01 22:02 - 2018-05-01 22:02 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-05-01 22:02 - 2018-05-01 22:02 - 000018297 _____ C:\Users\maro\AppData\Roaming\Kapakefukake
2018-05-01 22:02 - 2018-05-01 22:02 - 000003924 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lodid
2018-05-01 22:02 - 2018-05-01 22:02 - 000002612 _____ C:\WINDOWS\System32\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}
2018-05-01 22:02 - 2018-05-01 22:02 - 000000000 ____D C:\Users\maro\AppData\Local\Ralalehop
2018-05-01 22:02 - 2018-05-01 22:02 - 000000000 ____D C:\Program Files\Java
2018-05-01 22:01 - 2018-05-06 17:29 - 000000000 ____D C:\Program Files\ByteFence
2018-05-01 22:01 - 2018-05-01 22:02 - 000000000 ____D C:\ProgramData\{B2F8779B-38BA-FD5D-BE7C-631F243EE8D1}
2018-05-01 22:01 - 2018-05-01 22:01 - 065365056 _____ (Oracle Corporation) C:\Users\maro\Downloads\jre-8u144-windows-x64.exe
2018-05-01 22:01 - 2018-05-01 22:01 - 000003364 _____ C:\WINDOWS\System32\Tasks\ByteFence
2018-05-01 22:01 - 2018-05-01 22:01 - 000000000 ____D C:\Users\maro\AppData\Local\{DBBAEDE6-FF12-815E-928A-A4B6B6E2582E}
2018-05-01 22:00 - 2018-05-01 22:00 - 002038290 _____ ( ) C:\Users\maro\Downloads\jre-8u144-windows-x64_1306518922.exe
2018-05-01 21:58 - 2018-05-01 21:58 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\maro\Downloads\avg_antivirus_free_setup.exe
2018-05-01 21:32 - 2018-05-06 10:59 - 000001061 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-05-01 21:32 - 2018-05-06 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-05-01 21:32 - 2018-05-01 21:32 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-01 21:31 - 2018-05-01 21:31 - 007197480 _____ (VS Revo Group ) C:\Users\maro\Downloads\revosetup205.exe
2018-05-01 13:07 - 2018-04-29 16:05 - 000001238 _____ C:\Users\maro\Desktop\AdwCleaner[S01].txt
2018-05-01 13:07 - 2018-04-29 16:02 - 000003931 _____ C:\Users\maro\Desktop\AdwCleaner[C00].txt
2018-05-01 13:07 - 2018-04-29 16:01 - 000004460 _____ C:\Users\maro\Desktop\AdwCleaner[S00].txt
2018-05-01 12:55 - 2018-05-01 12:55 - 000001443 _____ C:\Users\maro\Desktop\Malwarebytes bericht.txt
2018-05-01 12:51 - 2018-05-01 12:51 - 000050161 _____ C:\Users\maro\Desktop\Addition.txt
2018-05-01 12:51 - 2018-05-01 12:51 - 000042013 _____ C:\Users\maro\Desktop\FRST.txt
2018-05-01 12:49 - 2018-05-01 12:50 - 000050158 _____ C:\Users\maro\Downloads\Addition.txt
2018-05-01 12:48 - 2018-05-07 10:08 - 000023150 _____ C:\Users\maro\Downloads\FRST.txt
2018-05-01 12:48 - 2018-05-07 10:07 - 000000000 ____D C:\FRST
2018-05-01 12:47 - 2018-05-07 10:07 - 002406912 _____ (Farbar) C:\Users\maro\Downloads\FRST64(1).exe
2018-04-29 16:08 - 2018-04-29 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-04-29 16:00 - 2018-04-29 16:00 - 007256272 _____ (Malwarebytes) C:\Users\maro\Downloads\adwcleaner_7.1.0.0.exe
2018-04-29 15:49 - 2018-04-29 15:49 - 000000112 ___RH C:\Users\maro\Downloads\Stinger.opt
2018-04-29 15:45 - 2018-04-29 15:49 - 000000000 ____D C:\Program Files (x86)\stinger
2018-04-29 15:45 - 2018-04-29 15:46 - 000000817 _____ C:\Users\maro\Downloads\Stinger_29042018_154533.html
2018-04-29 15:45 - 2018-04-29 15:45 - 016849504 _____ (McAfee Inc) C:\Users\maro\Downloads\stinger32_2737.exe
2018-04-29 15:45 - 2018-04-29 15:45 - 000000000 ____D C:\Program Files\McAfee
2018-04-23 15:49 - 2018-04-23 15:49 - 000003308 _____ C:\Users\maro\Desktop\RE-Nr.370 Herr Zmoos.pdf
2018-04-23 12:15 - 2018-04-23 12:15 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-04-23 12:15 - 2018-04-23 12:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-04-23 12:15 - 2018-04-23 12:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-04-23 12:15 - 2018-04-23 12:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-04-22 12:55 - 2018-04-22 12:55 - 000003050 _____ C:\Users\maro\Desktop\RE-Nr. 369 Birte Jans.pdf
2018-04-19 12:51 - 2018-04-19 12:51 - 002272777 _____ C:\Users\maro\Downloads\aktionsflyer_0218.pdf
2018-04-19 10:18 - 2018-04-19 10:18 - 000009452 _____ C:\Users\maro\Documents\cc_20180419_101852.reg
2018-04-18 18:34 - 2018-04-18 18:34 - 000003060 _____ C:\Users\maro\Desktop\RE-Nr. 368 KiTa.pdf
2018-04-16 09:53 - 2018-04-16 09:53 - 000473142 _____ C:\Users\maro\Desktop\FLT_C77X723132_0 Fahrt HH pentegoste.pdf
2018-04-15 19:54 - 2018-03-23 15:50 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-04-15 19:54 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-15 19:54 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-15 19:54 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-15 19:54 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-15 19:54 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-15 19:54 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-15 19:54 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-15 19:54 - 2018-03-22 22:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-15 19:54 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-15 19:54 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-15 19:54 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-15 19:54 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-15 19:54 - 2018-03-22 22:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-15 19:54 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-15 19:54 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-15 19:54 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-15 19:54 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-15 19:54 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-15 19:54 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-15 19:54 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-15 19:54 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-15 19:54 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-15 19:54 - 2018-03-09 23:20 - 007405392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-15 19:54 - 2018-03-09 23:20 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-15 19:54 - 2018-03-09 23:20 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-15 19:54 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-15 19:54 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-15 19:54 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-15 19:54 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-04-15 19:54 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-04-15 19:54 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-15 19:54 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-15 19:54 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-15 19:54 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-15 19:54 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-15 19:54 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-15 19:54 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-15 19:54 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-15 19:54 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-15 19:54 - 2018-02-09 19:44 - 000276304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-15 19:54 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-15 19:54 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-15 19:54 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-15 19:54 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-04-15 19:54 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-04-15 19:54 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-15 19:54 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-15 19:54 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-15 19:54 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-15 19:54 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-15 19:54 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-15 19:54 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-04-15 19:54 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-15 19:54 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-15 19:54 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-15 19:54 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-15 19:41 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-15 19:41 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-15 19:41 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-15 18:14 - 2018-04-15 18:14 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-15 18:14 - 2018-04-15 18:14 - 000001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-15 18:14 - 2018-04-15 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-15 18:14 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-15 18:13 - 2018-04-15 18:13 - 071942408 _____ (Malwarebytes ) C:\Users\maro\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4514.exe
2018-04-15 18:13 - 2018-04-15 18:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-14 15:40 - 2018-04-14 15:40 - 000016195 _____ C:\Users\maro\Documents\Anleitung Giacomino.odt
2018-04-14 13:18 - 2018-04-14 13:18 - 000027002 _____ C:\Users\maro\Documents\cc_20180414_131842.reg
2018-04-14 12:13 - 2018-04-14 12:13 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-04-09 16:04 - 2018-04-09 16:11 - 000000000 ____D C:\Users\maro\AppData\Local\Thunderbird
2018-04-09 16:04 - 2018-04-09 16:04 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-04-09 16:04 - 2018-04-09 16:04 - 000001216 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2018-04-09 16:04 - 2018-04-09 16:04 - 000000000 ____D C:\Users\maro\AppData\Roaming\Thunderbird
2018-04-09 16:04 - 2018-04-09 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-09 16:03 - 2018-04-09 16:03 - 040377696 _____ (Mozilla) C:\Users\maro\Downloads\Thunderbird Setup 52.7.0.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-07 10:07 - 2018-04-04 20:01 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-07 10:07 - 2017-03-25 13:07 - 000000000 ___RD C:\Users\maro\OneDrive
2018-05-07 10:07 - 2016-05-24 19:33 - 000000000 __SHD C:\Users\maro\IntelGraphicsProfiles
2018-05-06 17:32 - 2016-05-19 19:06 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-256743273-220607553-549060437-1001
2018-05-06 17:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-06 17:26 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-05-06 17:20 - 2016-11-19 18:03 - 000000000 ____D C:\Users\maro\AppData\LocalLow\Mozilla
2018-05-06 17:17 - 2017-06-07 10:05 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-06 11:07 - 2016-07-13 18:47 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-06 11:06 - 2018-04-04 20:01 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-06 11:03 - 2018-04-05 14:43 - 000000274 _____ C:\WINDOWS\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}.job
2018-05-06 10:56 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-01 22:10 - 2016-06-16 16:53 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-01 22:03 - 2016-05-21 18:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-01 22:01 - 2018-04-05 14:43 - 000001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-05-01 21:53 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-01 21:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-01 21:42 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-01 21:32 - 2016-09-07 22:02 - 001485824 ___SH C:\Users\maro\Downloads\Thumbs.db
2018-05-01 13:16 - 2016-07-09 13:31 - 000300032 ___SH C:\Users\maro\Desktop\Thumbs.db
2018-05-01 13:10 - 2016-08-28 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-01 13:10 - 2016-05-21 18:36 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-04-29 16:08 - 2018-04-04 20:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-04-29 16:02 - 2017-09-05 15:54 - 000000000 ____D C:\Users\maro\AppData\Local\Downloaded Installations
2018-04-29 16:01 - 2017-11-13 14:05 - 000000000 ____D C:\AdwCleaner
2018-04-29 15:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-26 19:09 - 2017-05-28 15:23 - 000288256 ___SH C:\Users\maro\Documents\Thumbs.db
2018-04-25 22:53 - 2016-06-16 16:50 - 000000000 ____D C:\JEMAKO
2018-04-23 17:57 - 2016-05-21 21:24 - 000002179 _____ C:\Users\maro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2018-04-18 21:22 - 2018-03-22 19:20 - 000000000 ____D C:\Users\maro\AppData\Roaming\audacity
2018-04-17 20:28 - 2017-11-08 19:14 - 000000000 ____D C:\Users\maro\AppData\Roaming\Nitro
2018-04-16 17:40 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-04-16 10:13 - 2013-08-22 16:44 - 000430624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-16 10:06 - 2016-05-25 16:29 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-16 10:06 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-04-16 10:06 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-16 09:36 - 2014-11-21 05:35 - 001778202 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-16 09:36 - 2014-11-21 04:45 - 000762030 _____ C:\WINDOWS\system32\perfh007.dat
2018-04-16 09:36 - 2014-11-21 04:45 - 000158018 _____ C:\WINDOWS\system32\perfc007.dat
2018-04-15 21:09 - 2016-05-21 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-15 21:06 - 2017-10-12 21:49 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-15 21:06 - 2016-05-21 17:44 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-15 18:24 - 2018-04-04 20:01 - 000000000 ____D C:\Users\maro\AppData\Local\Dropbox
2018-04-15 18:20 - 2018-04-05 14:43 - 000000000 ____D C:\Users\maro\AppData\Local\Donod
2018-04-14 13:15 - 2016-08-31 11:47 - 000000000 ____D C:\Users\maro\AppData\Roaming\TeamViewer
2018-04-14 12:15 - 2017-06-07 10:05 - 000147224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-04-14 12:13 - 2017-12-29 14:54 - 000227784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-04-14 12:13 - 2017-11-11 13:35 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000111352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-04-13 15:14 - 2018-04-05 14:42 - 000000000 ____D C:\Users\maro\AppData\Roaming\Anvsoft
2018-04-13 15:07 - 2018-04-05 15:18 - 000000069 _____ C:\Users\maro\AppData\Roaming\WB.CFG

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-05-01 22:02 - 2018-05-01 22:02 - 000018297 _____ () C:\Users\maro\AppData\Roaming\Kapakefukake
2018-04-05 15:18 - 2018-04-13 15:07 - 000000069 _____ () C:\Users\maro\AppData\Roaming\WB.CFG
2018-01-09 13:27 - 2018-01-09 13:27 - 000002096 _____ () C:\Users\maro\AppData\Local\recently-used.xbel
2016-06-30 19:54 - 2016-06-30 19:54 - 000000017 _____ () C:\Users\maro\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}.job


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-04-29 16:36

==================== Ende von FRST.txt ============================
--- --- ---


FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06.05.2018 01
durchgeführt von maro (07-05-2018 10:08:39)
Gestartet von C:\Users\maro\Downloads
Windows 8.1 (Update) (X64) (2016-05-24 17:32:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-256743273-220607553-549060437-500 - Administrator - Disabled)
Gast (S-1-5-21-256743273-220607553-549060437-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-256743273-220607553-549060437-1005 - Limited - Enabled)
maro (S-1-5-21-256743273-220607553-549060437-1001 - Administrator - Enabled) => C:\Users\maro

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)


Any Video Converter 6.2.3 (HKLM-x32\...\Any Video Converter) (Version: 6.2.3 - Anvsoft)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
Aura (HKLM\...\{25B12B46-CD1F-4FF3-9001-CD2EF366D929}) (Version: 1.3.0.0012 - Lenovo)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 3.19.0.0 - Byte Technologies LLC) <==== ACHTUNG
Comparing (HKLM-x32\...\{233EE2F2-EDA8-4C70-ABC3-D656D67D2CD5}) (Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd) Hidden
Comparing (HKLM-x32\...\InstallShield_{233EE2F2-EDA8-4C70-ABC3-D656D67D2CD5}) (Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DrawRace 2 (HKLM-x32\...\DrawRace2) (Version: 1.0.5 - Ubisoft Entertainment)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Dropbox (HKLM-x32\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EducationPortal (HKLM-x32\...\{65487538-FF20-421B-91DB-F6634B8D264C}) (Version: 5.00.012.0903 - Lenovo)
FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)
Find the Differences (HKLM-x32\...\{EAA04F6D-6E10-4267-B824-C35D3B9E0155}) (Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd) Hidden
Find the Differences (HKLM-x32\...\InstallShield_{EAA04F6D-6E10-4267-B824-C35D3B9E0155}) (Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd)
Finding the Letters (HKLM-x32\...\{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Finding the Letters (HKLM-x32\...\InstallShield_{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Fishing Joy (HKLM-x32\...\{A3C599FA-2CDD-43DB-B062-09A52CA9BFC6}) (Version: 1.10.1630 - CHUKONG)
FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
Fruits (HKLM-x32\...\{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
GamePortal (HKLM-x32\...\{AD741B21-068E-413B-89C6-C4E03FD3CDE2}) (Version: 5.0.013.0128 - Lenovo)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
King of Opera (HKLM-x32\...\KingOfOpera) (Version: 1.0.6 - Ubisoft Entertainment)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Air Hockey (HKLM-x32\...\Lenovo Air Hockey) (Version: 1.0.1308.292 - Lenovo)
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 41670) (Version: 3.8.0.41670.63 - Lenovo)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.01.53240 - Lenovo)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1511 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1511 - CyberLink Corp.)
Lenovo Roulette (HKLM-x32\...\Lenovo Roulette ) (Version: 1.0.1312.3 - Giantown Ltd.)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Hidden
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo Texas Hold'em (HKLM-x32\...\Lenovo Texas Hold'em) (Version: 1.01.016.0005 - Giantown Ltd.)
Lenovo Tycoon (HKLM-x32\...\Lenovo Tycoon) (Version: 1.0.1011.2644 - Giantown Ltd.)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3614 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3614 - CyberLink Corp.)
LenovoBestGuess (HKLM\...\{AA505B94-CE72-479E-8633-564237B2DAEE}) (Version: 1.0.3.4 - 北京友好互动科技发展有限公司)
LenovoColorCorner1 (HKLM\...\{2AA72727-59CC-4915-AF99-CDF231854FCD}) (Version: 1.0.3.2 - Youhao Interactive)
LenovoColorCorner2 (HKLM\...\{475871E9-59B9-4E8E-8CF5-D1A4219976D7}) (Version: 1.0.3.2 - 北京友好互动科技发展有限公司)
LenovoColorCorner3 (HKLM\...\{1D8267E6-F915-440C-B653-3F100CA1FA82}) (Version: 1.0.3.2 - 北京友好互动科技发展有限公司)
LenovoColorCorner4 (HKLM\...\{4967FFBB-75F1-4E43-9031-40F9748D3546}) (Version: 1.0.3.2 - 北京友好互动科技发展有限公司)
LibreOffice 5.3.6.1 (HKLM-x32\...\{A253D1A0-E992-4275-A420-CD1E84437BDF}) (Version: 5.3.6.1 - The Document Foundation)
Live TV (HKLM-x32\...\CFC101D7-0773-41ED-9CD1-B9EB842F9EC1) (Version: 3.1.3641 - FilmOn.TV Networks)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Mammals (HKLM-x32\...\{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Mammals (HKLM-x32\...\InstallShield_{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Matching Roles (HKLM-x32\...\{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Matching Roles (HKLM-x32\...\InstallShield_{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Surface 2.0 Runtime (HKLM-x32\...\{69C2B39D-F060-49AD-8877-01C4144A8424}) (Version: 2.0.21114.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.3.6691 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 de)) (Version: 52.7.0 - Mozilla)
Nitro Pro (HKLM\...\{33AD4634-88D7-48E1-9714-A07D02404EE9}) (Version: 11.0.3.134 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{a0a2828f-0a10-413d-ae15-d7bf0728ef5d}) (Version: 11.0.3.134 - Nitro)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Puzzle (HKLM-x32\...\{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raiding Company (HKLM-x32\...\RaidingCompany) (Version: 1.0.6 - Ubisoft Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7007 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Snowflake Suite (HKLM-x32\...\{E03B9D73-3806-4466-97B1-75C4486F65DF}) (Version: 1.0 - Natural User Interface Technologies AB)
sudoku (HKLM-x32\...\{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
timer (HKLM-x32\...\{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
VRSDK (HKLM\...\{975D06C3-DA3D-439E-9628-E05B6EB3CF30}) (Version: 0.0.7.0000 - Lenovo)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (HKLM\...\4C8545EEB6143B6AD3858B5D1E0AEE76040B1435) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (HKLM\...\6849F67BACD4DA5A5B9D46803E6850D0BE8B3826) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Yahoo! Powered (HKLM-x32\...\{6F2F87EF-3FAF-566F-8E2F-26EF5EAFF56F}) (Version:  - ) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-256743273-220607553-549060437-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-14] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-05-31] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Keine Datei
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2016-12-08] (Nitro PDF)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Keine Datei
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-05-31] (Qualcomm Atheros Commnucations)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Keine Datei
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06DDCE35-4FDC-475F-867D-BA7767BD8E3D} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2018-02-25] (Byte Technologies LLC) <==== ACHTUNG
Task: {1BDB0BD8-6B4F-481A-A4F7-A2122CEED517} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-04-04] (Dropbox, Inc.)
Task: {3B3331F4-3338-49C4-A889-9D85A4D3AC99} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {43CB630C-44BE-452F-B6C8-170484862F75} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-04-04] (Dropbox, Inc.)
Task: {48C90FED-F876-4A6A-8387-26D0B1E3100C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {4CE0AC6C-242C-45D3-98C5-15CEDE0BE556} - System32\Tasks\Lenovo Alpha AppUtility => C:\Program Files\Lenovo\Alpha\AlphaAppUtility.exe [2014-03-13] (Lenovo Limited Company)
Task: {5779E4AC-6070-40E2-8938-872B881AF242} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {6B71DB34-C7A1-41DF-AD10-EE34C0506CCE} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {71DFD2DB-3448-4B90-996E-E25769AA2802} - System32\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5} => C:\Users\maro\AppData\Local\Ralalehop\sync.exe [2013-04-11] ()
Task: {9F837D74-4E06-48B3-826A-07E2B67D8227} - System32\Tasks\Yahoo! Powered lodid => "wscript.exe" "C:\ProgramData\{B2F8779B-38BA-FD5D-BE7C-631F243EE8D1}\dota.txt" "68747470733a2f2f643277763764656e63316a78397a2e636c6f756466726f6e742e6e6574" "//B" "//E:jscript" "--IsErIk" <==== ACHTUNG
Task: {A6A89A86-8091-41D5-89B3-E3D6E1A79325} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {BC6F37C6-BA47-4D98-8141-49D01D59506B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-12-14] (CyberLink)
Task: {CE38B2BD-C0DE-443C-9DFE-834F4944A639} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {CF8AC94D-8A1D-4716-B1D2-931C41149AE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-14] (AVAST Software)
Task: {CF8E09DB-4871-41EF-A5EE-7607C4F47642} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-14] (AVAST Software)
Task: {D1368C88-40DD-422B-90C2-9B4FFD9C192C} - System32\Tasks\LenovoUserActionCollectionUploadTask => rundll32.exe "C:\Program Files\Lenovo\Alpha\UserActionCollectionNative.dll",RunDll32_RunUACTask
Task: {D81E6F35-181E-4838-A829-EFA06D53155C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {D87D6696-1550-41FC-9DAD-E98DDB47E794} - System32\Tasks\Lenovo\Lenovo-615 => C:\ProgramData\Lenovo-615.vbs [2014-09-05] () <==== ACHTUNG
Task: {D90316FF-97F8-45AC-9CEC-C1E1EE03B875} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {E5D61047-FD25-4072-B294-93FF909DF535} - System32\Tasks\Lenovo Alpha Upgrade Service => C:\ProgramData\Lenovo\Alpha\Upgrade\Upgrade.exe [2014-03-13] (Lenovo Limited Company)
Task: {E6621B5F-D02A-43A1-9F63-031840BA8A52} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {F13AF3FF-6BBA-4DA9-BDC3-3B8FE5C18D96} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}.job => C:\Users\maro\AppData\Local\RALALE~1\sync.exe <==== ACHTUNG

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-15 18:14 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-08-09 04:50 - 2015-08-09 04:50 - 000404376 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-05-31 01:23 - 2013-05-31 01:23 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 01:19 - 2013-05-31 01:19 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 01:53 - 2013-05-31 01:53 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-09-05 22:08 - 2013-03-20 09:47 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-11-03 11:48 - 2011-11-03 11:48 - 000056320 _____ () C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll
2018-04-14 12:13 - 2018-04-14 12:13 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-07 14:38 - 2018-03-07 14:38 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-14 12:13 - 2018-04-14 12:13 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-14 12:13 - 2018-04-14 12:13 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-14 12:13 - 2018-04-14 12:13 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-256743273-220607553-549060437-1001\...\localhost -> localhost

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2018-05-06 17:26 - 000002103 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-256743273-220607553-549060437-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NitroDriverReadSpool11 => 2
MSCONFIG\Services: NitroUpdateService => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "FamilySafetyGuide.lnk"
HKLM\...\StartupApproved\Run32: => "AvgUi"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{54B0D4E4-4E66-4A71-BF9C-D589F7AABE7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5675B021-1D58-43DC-9180-5CCCFA4BF7E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F505EC2E-AD1D-4D51-80AA-D07825735435}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
FirewallRules: [UDP Query User{E3ACF3BC-20EA-49D5-86C7-1BC325347528}C:\program files\lenovo\touch game\poker\bin\poker.exe] => (Allow) C:\program files\lenovo\touch game\poker\bin\poker.exe
FirewallRules: [TCP Query User{72D2FE09-9EA1-4F60-8771-F0C69EAC473B}C:\program files\lenovo\touch game\poker\bin\poker.exe] => (Allow) C:\program files\lenovo\touch game\poker\bin\poker.exe
FirewallRules: [TCP Query User{9B11F36A-2BAB-4196-B78A-3746A6C69583}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{DE9187B8-9FF1-4AFA-9296-9195881F2818}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [TCP Query User{BB3139D3-7168-4CAF-A3CE-95931CDD5DB4}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{6A408340-81E1-4458-A130-76B7692D0E7E}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{51DF4880-E7A2-4E47-8C80-A4615673FE41}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{170E7BFB-DA0F-404D-ACC5-789875AB271F}] => (Allow) LPort=2869
FirewallRules: [{5E3714B3-944B-402F-9551-3F7D18759D9D}] => (Allow) LPort=1900
FirewallRules: [{2678CA84-059D-432C-8848-E8D5040DF36F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4BC87415-A09A-4240-AB06-0789DE02768F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B5AD6FDE-03E6-49BA-910A-97EB4B3349A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DB44D69A-CA8E-4F8D-8B38-A26E64E2D0FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BEA7739C-558F-4708-93C8-B60CCFBBD74C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{30655480-1A6A-454F-A1CA-6F1B88D4E839}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{617BFFE6-AAE3-450D-B946-F1FB351C3F0F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe

==================== Wiederherstellungspunkte =========================

04-04-2018 19:44:43 Geplanter Prüfpunkt
13-04-2018 15:46:46 Geplanter Prüfpunkt
23-04-2018 17:09:14 Geplanter Prüfpunkt
01-05-2018 21:43:11 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
01-05-2018 21:43:50 Removed Adobe Acrobat Reader DC - Deutsch.
01-05-2018 21:46:34 Revo Uninstaller's restore point - Adobe AIR
01-05-2018 21:47:54 Revo Uninstaller's restore point - Adobe AIR
01-05-2018 21:48:42 Revo Uninstaller's restore point - Adobe AIR
01-05-2018 21:49:54 Revo Uninstaller's restore point - CCleaner
01-05-2018 21:51:07 Revo Uninstaller's restore point - Adobe Flash Player 29 NPAPI
01-05-2018 21:54:07 Revo Uninstaller's restore point - Java 8 Update 144
01-05-2018 21:54:21 Removed Java 8 Update 144
06-05-2018 10:59:55 Revo Uninstaller's restore point - Avast Free Antivirus
06-05-2018 11:05:38 Revo Uninstaller's restore point - Avast Secure Browser
06-05-2018 17:28:57 Revo Uninstaller's restore point - Mammals

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Virtueller Microsoft-Adapter für direktes WiFi
Description: Virtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/06/2018 05:35:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b3c

Startzeit: 01d3e54ed51decc3

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: 220e8008-5143-11e8-bfe8-3010b3675d33

Vollständiger Name des fehlerhaften Pakets: C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/06/2018 05:28:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {1bf7e313-8582-4ef9-a4fa-b3b825ecc343}

Error: (05/06/2018 10:59:55 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0a3ee7a9-9ae0-4699-b865-9ec7a6975cf1}

Error: (05/01/2018 09:43:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {74d6e2de-2d1f-4088-8e85-cb0823e9c2bc}

Error: (05/01/2018 09:34:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 22b0

Startzeit: 01d3e182ac3a5787

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 9fc36073-4d76-11e8-bfe5-3010b3675d33

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/01/2018 05:22:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2334

Startzeit: 01d3e15f727dc7cc

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 660ff52a-4d53-11e8-bfe5-3010b3675d33

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/01/2018 01:08:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2618

Startzeit: 01d3e13c07724024

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: fb2ed7bd-4d2f-11e8-bfe5-3010b3675d33

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/01/2018 12:53:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17e4

Startzeit: 01d3e139ef005cbd

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: e2b63e6c-4d2d-11e8-bfe5-3010b3675d33

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


Systemfehler:
=============
Error: (05/06/2018 05:28:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "%1!s! Update-Dienst (avast)" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (05/06/2018 05:26:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/06/2018 05:26:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG Service erreicht.

Error: (05/06/2018 11:11:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "%1!s! Update-Dienst (avast)" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (05/06/2018 11:09:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/06/2018 11:09:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG Service erreicht.

Error: (05/01/2018 10:04:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/01/2018 10:04:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVG Service erreicht.


Windows Defender:
===================================
Date: 2017-06-07 09:59:04.517
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 116.12.0.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: Netzwerkinspektionssystem
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 2.1.12706.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Date: 2017-06-07 09:59:04.517
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.225.1391.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.12902.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Date: 2017-06-07 09:59:04.517
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.225.1391.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.12902.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

Date: 2017-06-07 09:59:04.470
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.225.1391.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.12902.0
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Date: 2017-06-07 09:57:02.006
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 116.12.0.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: Netzwerkinspektionssystem
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 2.1.12706.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.

CodeIntegrity:
===================================

Date: 2018-02-18 11:30:26.022
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:25.272
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:24.512
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:23.747
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:23.044
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:22.286
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:21.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-18 11:30:20.739
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 4007.55 MB
Verfügbarer physikalischer RAM: 2035.48 MB
Summe virtueller Speicher: 4903.55 MB
Verfügbarer virtueller Speicher: 2986.59 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:437.74 GB) (Free:388.37 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

\\?\Volume{919be26f-42b3-4176-a154-cd1d3603578e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{e4d63edc-bf6b-4842-9f1d-99da2bfd955a}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS
\\?\Volume{8da0c8f3-a764-4238-aeef-07446855d720}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS
\\?\Volume{d24c2a92-a3df-4232-bdb7-7d16c98f8f70}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS
\\?\Volume{cf4f27af-e4d0-4ee2-80c3-2c972228b148}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS
\\?\Volume{94cb1483-0032-40f8-94ff-fa8f699597c8}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:5.17 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 81B71BEE)

Partition: GPT.

==================== Ende von Addition.txt ============================
--- --- ---

marosa 07.05.2018 10:05

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.05.2018 01
durchgeführt von maro (Administrator) auf IDEA-PC (07-05-2018 10:07:52)
Gestartet von C:\Users\maro\Downloads
Geladene Profile: maro (Verfügbare Profile: maro)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo Group Limited Company) C:\Program Files\Lenovo\Alpha\SpeedWatcherService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
(Microsoft) C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Limited Company) C:\Program Files\Lenovo\Alpha\AppService.exe
(Lenovo) C:\Program Files\Lenovo\VRSDK\VrService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
() C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\Real Protect\RealProtect.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Lenovo Group Limited Company) C:\Program Files\Lenovo\Alpha\WatcherService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Lenovo) C:\Program Files\Lenovo\LVT\LJYZ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Farbar) C:\Users\maro\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13637336 2013-08-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [AlphaShell] => C:\Program Files\Lenovo\Alpha\WatcherService.exe [162576 2014-03-13] (Lenovo Group Limited Company)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-14] (AVAST Software)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-14] (Lenovo)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2012-12-20] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-12-14] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167640 2012-12-14] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\RunLEDS.exe [1752920 2012-09-18] (Lenovo)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\...\RunOnce: [RealProtect] => C:\Program Files\McAfee\Real Protect\RealProtect.exe [7165184 2018-04-29] (McAfee, Inc.)
HKLM-x32\...\RunOnce: [Kenudedul] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\maro\AppData\Roaming\Kapakefukake"
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] (Atheros Communications)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FamilySafetyGuide.lnk [2014-09-05]
ShortcutTarget: FamilySafetyGuide.lnk -> C:\Program Files\Lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{261DBBDF-37A0-4CB5-99BB-6259B0C244C1}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-256743273-220607553-549060437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {5C96EB96-2718-4DA7-AE50-84966B5703AF} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {5C96EB96-2718-4DA7-AE50-84966B5703AF} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-256743273-220607553-549060437-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-18] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-01] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: q9q18j01.default-1510570972387
FF ProfilePath: C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387 [2018-05-06]
FF user.js: detected! => C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\user.js [2018-04-05]
FF Homepage: Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387 -> hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_filhrs_18_18_19&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutAtDtCtD0BtAyCyByD0DtAtAzzyDtCtDtN0D0Tzu0StBtAtCtBtN1L2XzuyEtFtByEtFtDtFyBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StD0ByD0FyE0D0FyBtGtDtByEtBtGyB0EyBzztGyEzy0C0EtGtByCzy0FyBtC0FtCyEtCtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzz1PtB1TyC1StDtG1QtD1R1OtGyEtA1P1PtGzzzztBzztG1Ozz1OyDyEyE1PtByD1SyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtByDtBtDyEzytDyB%26cr%3D1870154215%26a%3Dwbf_filhrs_18_18_19%26os_ver%3D6.3%26os%3DWindows%2B8.1
FF Extension: (Web Security) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\contact@web-security.com.xpi [2018-04-05]
FF Extension: (Enhancer for YouTube™) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2018-04-29]
FF Extension: (uBlock Origin) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\uBlock0@raymondhill.net.xpi [2018-04-29]
FF Extension: (Avast Online Security) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\wrc@avast.com.xpi [2017-11-11]
FF Extension: (Simple YouTube MP3 Button) - C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2018-03-07]
FF SearchPlugin: C:\Users\maro\AppData\Roaming\Mozilla\Firefox\Profiles\q9q18j01.default-1510570972387\searchplugins\yahoo! powered.xml [2018-05-01]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-12-08] (Nitro PDF)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-256743273-220607553-549060437-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-14] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-14] (AVAST Software)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [150936 2018-02-25] (Byte Technologies LLC)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-04-04] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-04-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-04-23] (Dropbox, Inc.)
R2 HorizonTouchCentreSpeedUp; C:\Program Files\Lenovo\Alpha\SpeedWatcherService.exe [143632 2014-03-13] (Lenovo Group Limited Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft) [Datei ist nicht signiert]
R2 IdeaTouch.LocalDataServer.Game; C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe [7680 2013-01-17] (Microsoft) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LenovoAppService; C:\Program Files\Lenovo\Alpha\AppService.exe [173328 2014-03-13] (Lenovo Limited Company)
R2 LenovoVRService; C:\Program Files\Lenovo\VRSDK\VrService.exe [121832 2013-05-23] (Lenovo)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S4 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc.)
S4 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2016-12-08] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-05-01] (Byte Technologies LLC.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-31] (Atheros) [Datei ist nicht signiert]
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-04-14] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-07] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [227784 2018-04-14] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-04-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [147224 2018-04-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111352 2018-04-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-04-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-04-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-04-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-04-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-04-14] (AVAST Software)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-15] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 SensorsServiceDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 VMC412; C:\WINDOWS\System32\Drivers\VMC412.sys [232576 2012-09-24] (Vimicro Corporation)
R2 WBHWDOCT; C:\Program Files\Lenovo\Alpha\WBHWDOCT64.SYS [21656 2013-04-24] (Nuvoton Technology Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-07 10:07 - 2018-05-07 10:07 - 000000000 ____D C:\Users\maro\Downloads\FRST-OlderVersion
2018-05-06 10:58 - 2018-05-06 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2018-05-01 22:15 - 2018-05-01 22:15 - 000188886 _____ C:\Users\maro\Desktop\backup.zip 01.05.zip
2018-05-01 22:11 - 2018-05-01 22:10 - 000098760 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-05-01 22:11 - 2018-05-01 22:02 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-05-01 22:09 - 2018-05-01 22:09 - 001881544 _____ (Oracle Corporation) C:\Users\maro\Downloads\jre-8u171-windows-i586-iftw.exe
2018-05-01 22:06 - 2018-05-01 22:06 - 000000000 ____D C:\ProgramData\ByteFence
2018-05-01 22:02 - 2018-05-01 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-01 22:02 - 2018-05-01 22:02 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-05-01 22:02 - 2018-05-01 22:02 - 000018297 _____ C:\Users\maro\AppData\Roaming\Kapakefukake
2018-05-01 22:02 - 2018-05-01 22:02 - 000003924 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lodid
2018-05-01 22:02 - 2018-05-01 22:02 - 000002612 _____ C:\WINDOWS\System32\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}
2018-05-01 22:02 - 2018-05-01 22:02 - 000000000 ____D C:\Users\maro\AppData\Local\Ralalehop
2018-05-01 22:02 - 2018-05-01 22:02 - 000000000 ____D C:\Program Files\Java
2018-05-01 22:01 - 2018-05-06 17:29 - 000000000 ____D C:\Program Files\ByteFence
2018-05-01 22:01 - 2018-05-01 22:02 - 000000000 ____D C:\ProgramData\{B2F8779B-38BA-FD5D-BE7C-631F243EE8D1}
2018-05-01 22:01 - 2018-05-01 22:01 - 065365056 _____ (Oracle Corporation) C:\Users\maro\Downloads\jre-8u144-windows-x64.exe
2018-05-01 22:01 - 2018-05-01 22:01 - 000003364 _____ C:\WINDOWS\System32\Tasks\ByteFence
2018-05-01 22:01 - 2018-05-01 22:01 - 000000000 ____D C:\Users\maro\AppData\Local\{DBBAEDE6-FF12-815E-928A-A4B6B6E2582E}
2018-05-01 22:00 - 2018-05-01 22:00 - 002038290 _____ ( ) C:\Users\maro\Downloads\jre-8u144-windows-x64_1306518922.exe
2018-05-01 21:58 - 2018-05-01 21:58 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\maro\Downloads\avg_antivirus_free_setup.exe
2018-05-01 21:32 - 2018-05-06 10:59 - 000001061 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-05-01 21:32 - 2018-05-06 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-05-01 21:32 - 2018-05-01 21:32 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-01 21:31 - 2018-05-01 21:31 - 007197480 _____ (VS Revo Group ) C:\Users\maro\Downloads\revosetup205.exe
2018-05-01 13:07 - 2018-04-29 16:05 - 000001238 _____ C:\Users\maro\Desktop\AdwCleaner[S01].txt
2018-05-01 13:07 - 2018-04-29 16:02 - 000003931 _____ C:\Users\maro\Desktop\AdwCleaner[C00].txt
2018-05-01 13:07 - 2018-04-29 16:01 - 000004460 _____ C:\Users\maro\Desktop\AdwCleaner[S00].txt
2018-05-01 12:55 - 2018-05-01 12:55 - 000001443 _____ C:\Users\maro\Desktop\Malwarebytes bericht.txt
2018-05-01 12:51 - 2018-05-01 12:51 - 000050161 _____ C:\Users\maro\Desktop\Addition.txt
2018-05-01 12:51 - 2018-05-01 12:51 - 000042013 _____ C:\Users\maro\Desktop\FRST.txt
2018-05-01 12:49 - 2018-05-01 12:50 - 000050158 _____ C:\Users\maro\Downloads\Addition.txt
2018-05-01 12:48 - 2018-05-07 10:08 - 000023150 _____ C:\Users\maro\Downloads\FRST.txt
2018-05-01 12:48 - 2018-05-07 10:07 - 000000000 ____D C:\FRST
2018-05-01 12:47 - 2018-05-07 10:07 - 002406912 _____ (Farbar) C:\Users\maro\Downloads\FRST64(1).exe
2018-04-29 16:08 - 2018-04-29 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-04-29 16:00 - 2018-04-29 16:00 - 007256272 _____ (Malwarebytes) C:\Users\maro\Downloads\adwcleaner_7.1.0.0.exe
2018-04-29 15:49 - 2018-04-29 15:49 - 000000112 ___RH C:\Users\maro\Downloads\Stinger.opt
2018-04-29 15:45 - 2018-04-29 15:49 - 000000000 ____D C:\Program Files (x86)\stinger
2018-04-29 15:45 - 2018-04-29 15:46 - 000000817 _____ C:\Users\maro\Downloads\Stinger_29042018_154533.html
2018-04-29 15:45 - 2018-04-29 15:45 - 016849504 _____ (McAfee Inc) C:\Users\maro\Downloads\stinger32_2737.exe
2018-04-29 15:45 - 2018-04-29 15:45 - 000000000 ____D C:\Program Files\McAfee
2018-04-23 15:49 - 2018-04-23 15:49 - 000003308 _____ C:\Users\maro\Desktop\RE-Nr.370 Herr Zmoos.pdf
2018-04-23 12:15 - 2018-04-23 12:15 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-04-23 12:15 - 2018-04-23 12:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-04-23 12:15 - 2018-04-23 12:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-04-23 12:15 - 2018-04-23 12:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-04-22 12:55 - 2018-04-22 12:55 - 000003050 _____ C:\Users\maro\Desktop\RE-Nr. 369 Birte Jans.pdf
2018-04-19 12:51 - 2018-04-19 12:51 - 002272777 _____ C:\Users\maro\Downloads\aktionsflyer_0218.pdf
2018-04-19 10:18 - 2018-04-19 10:18 - 000009452 _____ C:\Users\maro\Documents\cc_20180419_101852.reg
2018-04-18 18:34 - 2018-04-18 18:34 - 000003060 _____ C:\Users\maro\Desktop\RE-Nr. 368 KiTa.pdf
2018-04-16 09:53 - 2018-04-16 09:53 - 000473142 _____ C:\Users\maro\Desktop\FLT_C77X723132_0 Fahrt HH pentegoste.pdf
2018-04-15 19:54 - 2018-03-23 15:50 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-04-15 19:54 - 2018-03-23 01:00 - 025742336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-15 19:54 - 2018-03-22 23:26 - 020287488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-15 19:54 - 2018-03-22 23:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-15 19:54 - 2018-03-22 23:15 - 005780480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-15 19:54 - 2018-03-22 23:06 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-15 19:54 - 2018-03-22 22:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-15 19:54 - 2018-03-22 22:42 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-15 19:54 - 2018-03-22 22:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 015282688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-15 19:54 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-15 19:54 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-15 19:54 - 2018-03-22 22:27 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-15 19:54 - 2018-03-22 22:21 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-15 19:54 - 2018-03-22 22:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-15 19:54 - 2018-03-22 22:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-15 19:54 - 2018-03-22 22:15 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-15 19:54 - 2018-03-22 22:14 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-15 19:54 - 2018-03-22 22:04 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-15 19:54 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-15 19:54 - 2018-03-22 21:53 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-15 19:54 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-15 19:54 - 2018-03-22 21:51 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-15 19:54 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-15 19:54 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-15 19:54 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-15 19:54 - 2018-03-09 23:20 - 007405392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-15 19:54 - 2018-03-09 23:20 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-15 19:54 - 2018-03-09 23:20 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-15 19:54 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-15 19:54 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-15 19:54 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-15 19:54 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-15 19:54 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-15 19:54 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-04-15 19:54 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-04-15 19:54 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-15 19:54 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-15 19:54 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-15 19:54 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-15 19:54 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-15 19:54 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-15 19:54 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-15 19:54 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-15 19:54 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-15 19:54 - 2018-02-09 19:44 - 000276304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-15 19:54 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-15 19:54 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-15 19:54 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-15 19:54 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-04-15 19:54 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-04-15 19:54 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-15 19:54 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-15 19:54 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-15 19:54 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-15 19:54 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-15 19:54 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-15 19:54 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-04-15 19:54 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-15 19:54 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-15 19:54 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-15 19:54 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-15 19:41 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-15 19:41 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-15 19:41 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-15 19:41 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-15 18:14 - 2018-04-15 18:14 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-15 18:14 - 2018-04-15 18:14 - 000001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-15 18:14 - 2018-04-15 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-15 18:14 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-15 18:13 - 2018-04-15 18:13 - 071942408 _____ (Malwarebytes ) C:\Users\maro\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4514.exe
2018-04-15 18:13 - 2018-04-15 18:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-14 15:40 - 2018-04-14 15:40 - 000016195 _____ C:\Users\maro\Documents\Anleitung Giacomino.odt
2018-04-14 13:18 - 2018-04-14 13:18 - 000027002 _____ C:\Users\maro\Documents\cc_20180414_131842.reg
2018-04-14 12:13 - 2018-04-14 12:13 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-04-09 16:04 - 2018-04-09 16:11 - 000000000 ____D C:\Users\maro\AppData\Local\Thunderbird
2018-04-09 16:04 - 2018-04-09 16:04 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-04-09 16:04 - 2018-04-09 16:04 - 000001216 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2018-04-09 16:04 - 2018-04-09 16:04 - 000000000 ____D C:\Users\maro\AppData\Roaming\Thunderbird
2018-04-09 16:04 - 2018-04-09 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-09 16:03 - 2018-04-09 16:03 - 040377696 _____ (Mozilla) C:\Users\maro\Downloads\Thunderbird Setup 52.7.0.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-07 10:07 - 2018-04-04 20:01 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-07 10:07 - 2017-03-25 13:07 - 000000000 ___RD C:\Users\maro\OneDrive
2018-05-07 10:07 - 2016-05-24 19:33 - 000000000 __SHD C:\Users\maro\IntelGraphicsProfiles
2018-05-06 17:32 - 2016-05-19 19:06 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-256743273-220607553-549060437-1001
2018-05-06 17:26 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-06 17:26 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-05-06 17:20 - 2016-11-19 18:03 - 000000000 ____D C:\Users\maro\AppData\LocalLow\Mozilla
2018-05-06 17:17 - 2017-06-07 10:05 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-06 11:07 - 2016-07-13 18:47 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-06 11:06 - 2018-04-04 20:01 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-06 11:03 - 2018-04-05 14:43 - 000000274 _____ C:\WINDOWS\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}.job
2018-05-06 10:56 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-01 22:10 - 2016-06-16 16:53 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-01 22:03 - 2016-05-21 18:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-01 22:01 - 2018-04-05 14:43 - 000001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-05-01 21:53 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-01 21:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-01 21:42 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-01 21:32 - 2016-09-07 22:02 - 001485824 ___SH C:\Users\maro\Downloads\Thumbs.db
2018-05-01 13:16 - 2016-07-09 13:31 - 000300032 ___SH C:\Users\maro\Desktop\Thumbs.db
2018-05-01 13:10 - 2016-08-28 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-01 13:10 - 2016-05-21 18:36 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-04-29 16:08 - 2018-04-04 20:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-04-29 16:02 - 2017-09-05 15:54 - 000000000 ____D C:\Users\maro\AppData\Local\Downloaded Installations
2018-04-29 16:01 - 2017-11-13 14:05 - 000000000 ____D C:\AdwCleaner
2018-04-29 15:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-26 19:09 - 2017-05-28 15:23 - 000288256 ___SH C:\Users\maro\Documents\Thumbs.db
2018-04-25 22:53 - 2016-06-16 16:50 - 000000000 ____D C:\JEMAKO
2018-04-23 17:57 - 2016-05-21 21:24 - 000002179 _____ C:\Users\maro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
2018-04-18 21:22 - 2018-03-22 19:20 - 000000000 ____D C:\Users\maro\AppData\Roaming\audacity
2018-04-17 20:28 - 2017-11-08 19:14 - 000000000 ____D C:\Users\maro\AppData\Roaming\Nitro
2018-04-16 17:40 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-04-16 10:13 - 2013-08-22 16:44 - 000430624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-16 10:06 - 2016-05-25 16:29 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-16 10:06 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-04-16 10:06 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-16 09:36 - 2014-11-21 05:35 - 001778202 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-16 09:36 - 2014-11-21 04:45 - 000762030 _____ C:\WINDOWS\system32\perfh007.dat
2018-04-16 09:36 - 2014-11-21 04:45 - 000158018 _____ C:\WINDOWS\system32\perfc007.dat
2018-04-15 21:09 - 2016-05-21 17:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-15 21:06 - 2017-10-12 21:49 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-15 21:06 - 2016-05-21 17:44 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-15 18:24 - 2018-04-04 20:01 - 000000000 ____D C:\Users\maro\AppData\Local\Dropbox
2018-04-15 18:20 - 2018-04-05 14:43 - 000000000 ____D C:\Users\maro\AppData\Local\Donod
2018-04-14 13:15 - 2016-08-31 11:47 - 000000000 ____D C:\Users\maro\AppData\Roaming\TeamViewer
2018-04-14 12:15 - 2017-06-07 10:05 - 000147224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-04-14 12:13 - 2017-12-29 14:54 - 000227784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-04-14 12:13 - 2017-11-11 13:35 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000111352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-04-14 12:13 - 2017-06-07 10:05 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-04-13 15:14 - 2018-04-05 14:42 - 000000000 ____D C:\Users\maro\AppData\Roaming\Anvsoft
2018-04-13 15:07 - 2018-04-05 15:18 - 000000069 _____ C:\Users\maro\AppData\Roaming\WB.CFG

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-05-01 22:02 - 2018-05-01 22:02 - 000018297 _____ () C:\Users\maro\AppData\Roaming\Kapakefukake
2018-04-05 15:18 - 2018-04-13 15:07 - 000000069 _____ () C:\Users\maro\AppData\Roaming\WB.CFG
2018-01-09 13:27 - 2018-01-09 13:27 - 000002096 _____ () C:\Users\maro\AppData\Local\recently-used.xbel
2016-06-30 19:54 - 2016-06-30 19:54 - 000000017 _____ () C:\Users\maro\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{3C3D66FA-C43F-21DD-F509-137C9DE02BB5}.job


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-04-29 16:36

==================== Ende von FRST.txt ============================
--- --- ---

cosinus 07.05.2018 11:06
Geh mal mit avastclear rüber --> https://support.avast.com/de-de/article/10

Sollte das auch nicht gehen, sollte man mal eine Neuinstallation in Betracht ziehen. Dann hast du Avast richtig weg und wärst auch gleich auf Windows 10.

marosa 07.05.2018 13:14
ok, ich habe es erledigt:
Avast ist weg! Endlich! DANKE
Dann kam noch unten in der Taskleiste das hervor: ByteFence. Habe ich auch mit Revo deninstalliert
Als ich Mozilla aufgemacht habe ging Yahoo auf. Also habe ich es auch mit Revo deninstalliert.
Wie geht es weiter?

cosinus 07.05.2018 13:15
Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

marosa 07.05.2018 13:50
okay, mache ich jetzt sofort! wenn der mauszeiger nicht zu doll springt komme ich bestimmt durch, da ich heute frei habe und mich voll und ganz darum kümmern kann. DANKE

erledigt, der Report: No threats found
Code:
14:39:18.0473 0x15d0  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
14:39:18.0473 0x15d0  UEFI system
14:39:26.0980 0x15d0  ============================================================
14:39:26.0980 0x15d0  Current date / time: 2018/05/07 14:39:26.0980
14:39:26.0980 0x15d0  SystemInfo:
14:39:26.0980 0x15d0 
14:39:26.0980 0x15d0  OS Version: 6.3.9600 ServicePack: 0.0
14:39:26.0980 0x15d0  Product type: Workstation
14:39:26.0980 0x15d0  ComputerName: IDEA-PC
14:39:26.0980 0x15d0  UserName: maro
14:39:26.0980 0x15d0  Windows directory: C:\WINDOWS
14:39:26.0980 0x15d0  System windows directory: C:\WINDOWS
14:39:26.0980 0x15d0  Running under WOW64
14:39:26.0980 0x15d0  Processor architecture: Intel x64
14:39:26.0980 0x15d0  Number of processors: 4
14:39:26.0980 0x15d0  Page size: 0x1000
14:39:26.0980 0x15d0  Boot type: Normal boot
14:39:26.0980 0x15d0  CodeIntegrityOptions = 0x00000001
14:39:26.0980 0x15d0  ============================================================
14:39:27.0199 0x15d0  KLMD registered as C:\WINDOWS\system32\drivers\92288798.sys
14:39:27.0199 0x15d0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18969, osProperties = 0x19
14:39:27.0646 0x15d0  System UUID: {22A70ECE-5888-1DE3-478A-44AFCA0097FD}
14:39:28.0037 0x15d0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:39:28.0037 0x15d0  ============================================================
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0:
14:39:28.0037 0x15d0  GPT partitions:
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {919BE26F-42B3-4176-A154-CD1D3603578E}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {32F698B3-F212-4F1A-86EC-E46ACB1B0DD0}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {EEA594D9-CCFC-498C-9C01-9EC28164281D}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0C54FE38-6F6F-4423-BB05-6953B89BABA5}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5E33A0B8-5719-42BC-997B-A5C7663918FE}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x36B79800
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E4D63EDC-BF6B-4842-9F1D-99DA2BFD955A}, Name: , StartLBA 0x36F2A000, BlocksNum 0xE2000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8DA0C8F3-A764-4238-AEEF-07446855D720}, Name: , StartLBA 0x3700C000, BlocksNum 0xE2000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D24C2A92-A3DF-4232-BDB7-7D16C98F8F70}, Name: , StartLBA 0x370EE000, BlocksNum 0xE2000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition9: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CF4F27AF-E4D0-4EE2-80C3-2C972228B148}, Name: , StartLBA 0x371D0000, BlocksNum 0xE2000
14:39:28.0037 0x15d0  \Device\Harddisk0\DR0\Partition10: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {94CB1483-0032-40F8-94FF-FA8F699597C8}, Name: , StartLBA 0x372B2000, BlocksNum 0x30D4000
14:39:28.0037 0x15d0  MBR partitions:
14:39:28.0037 0x15d0  ============================================================
14:39:28.0037 0x15d0  C: <-> \Device\Harddisk0\DR0\Partition5
14:39:28.0037 0x15d0  ============================================================
14:39:28.0037 0x15d0  Initialize success
14:39:28.0037 0x15d0  ============================================================
14:41:06.0678 0x16e4  ============================================================
14:41:06.0678 0x16e4  Scan started
14:41:06.0678 0x16e4  Mode: Manual; SigCheck; TDLFS;
14:41:06.0678 0x16e4  ============================================================
14:41:06.0678 0x16e4  KSN ping started
14:41:06.0757 0x16e4  KSN ping finished: true
14:41:08.0569 0x16e4  ================ Scan system memory ========================
14:41:08.0569 0x16e4  System memory - ok
14:41:08.0569 0x16e4  ================ Scan services =============================
14:41:08.0944 0x16e4  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:41:09.0006 0x16e4  1394ohci - ok
14:41:09.0038 0x16e4  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
14:41:09.0038 0x16e4  3ware - ok
14:41:09.0085 0x16e4  [ 508526EB2308D259DB8542FF50E9112C, DBF657F5D8890E2F58D3EE47B5F5A98DFB838CDD2871CE580B3FC1BDDC2A590E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:41:09.0116 0x16e4  ACPI - ok
14:41:09.0132 0x16e4  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:41:09.0147 0x16e4  acpiex - ok
14:41:09.0163 0x16e4  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:41:09.0178 0x16e4  acpipagr - ok
14:41:09.0194 0x16e4  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
14:41:09.0210 0x16e4  AcpiPmi - ok
14:41:09.0225 0x16e4  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:41:09.0241 0x16e4  acpitime - ok
14:41:09.0288 0x16e4  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:41:09.0319 0x16e4  ADP80XX - ok
14:41:09.0335 0x16e4  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc    C:\WINDOWS\System32\aelupsvc.dll
14:41:09.0366 0x16e4  AeLookupSvc - ok
14:41:09.0382 0x16e4  [ B246BEE99740A2A357E21D863A18774D, CE000059C157101D6C429594E76A69C4E863A9E752015D542E4F308E8D515386 ] AFD            C:\WINDOWS\system32\drivers\afd.sys
14:41:09.0444 0x16e4  AFD - ok
14:41:09.0444 0x16e4  [ 20FFFCA6E9870E358DBE402F7DBD3E6C, 8F964219C777C86ECC572E8B340C814CA09A0B88E4F1CF3DE4D5F1FD115D73ED ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
14:41:09.0475 0x16e4  agp440 - ok
14:41:09.0491 0x16e4  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:41:09.0538 0x16e4  ahcache - ok
14:41:09.0553 0x16e4  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG            C:\WINDOWS\System32\alg.exe
14:41:09.0600 0x16e4  ALG - ok
14:41:09.0616 0x16e4  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
14:41:09.0647 0x16e4  AmdK8 - ok
14:41:09.0678 0x16e4  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:41:09.0710 0x16e4  AmdPPM - ok
14:41:09.0725 0x16e4  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
14:41:09.0741 0x16e4  amdsata - ok
14:41:09.0757 0x16e4  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:41:09.0788 0x16e4  amdsbs - ok
14:41:09.0788 0x16e4  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
14:41:09.0803 0x16e4  amdxata - ok
14:41:09.0819 0x16e4  [ 29A3E5D36112A738B354E4DF2691CE41, 135028B4ECB9C31B57CEA68B898B265EC379FF738FF924B6F412D7E5EB61C2A6 ] AppID          C:\WINDOWS\system32\drivers\appid.sys
14:41:09.0897 0x16e4  AppID - ok
14:41:09.0913 0x16e4  [ 942C8297400FCFB13CEE3F3CD89C5CE5, AFD9EC35F6C44D86DD5943A2AB0B99B0C1B1783D70FD966F6467F97F0831403F ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:41:09.0960 0x16e4  AppIDSvc - ok
14:41:09.0975 0x16e4  [ 54ACF58A59A5FD3AD29EABBECA5B5BA4, B3B7572E93ACFF3CCB08968F33B796A6FC6DDCF75F48038A0626E46997AAD2D1 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
14:41:09.0991 0x16e4  Appinfo - ok
14:41:10.0038 0x16e4  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:41:10.0100 0x16e4  AppReadiness - ok
14:41:10.0147 0x16e4  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
14:41:10.0225 0x16e4  AppXSvc - ok
14:41:10.0257 0x16e4  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:41:10.0257 0x16e4  arcsas - ok
14:41:10.0319 0x16e4  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:41:10.0382 0x16e4  AsyncMac - ok
14:41:10.0397 0x16e4  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
14:41:10.0413 0x16e4  atapi - ok
14:41:10.0444 0x16e4  [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort      C:\WINDOWS\system32\DRIVERS\btath_flt.sys
14:41:10.0460 0x16e4  AthBTPort - ok
14:41:10.0522 0x16e4  [ 2DC097FE207EC7576B8C8BC357558BA0, FDD51224716DC7E5859A82B751DB75E88026F371B19785A57E4426556C9E11F8 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
14:41:10.0991 0x16e4  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:41:11.0194 0x16e4  Detect skipped due to KSN trusted
14:41:11.0194 0x16e4  AtherosSvc - ok
14:41:11.0380 0x16e4  [ 4883D2A68AA1465A6640ED6744840D3B, 62F032170E6EB0AF84FD370F3A586AEE8094FF95E8A4CE696BE4401FE06A5A1E ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
14:41:11.0627 0x16e4  athr - ok
14:41:11.0658 0x16e4  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:41:11.0705 0x16e4  AudioEndpointBuilder - ok
14:41:11.0737 0x16e4  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:41:11.0815 0x16e4  Audiosrv - ok
14:41:11.0846 0x16e4  avast - ok
14:41:11.0846 0x16e4  avastm - ok
14:41:11.0940 0x16e4  [ A994548B7F442CE9653D1569BB91CD17, 06444973AD436E341A89BD122E1FC7DE2FFCAC4D8553889204772B1880D87D3C ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
14:41:12.0237 0x16e4  avgsvc - ok
14:41:12.0284 0x16e4  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:41:12.0346 0x16e4  AxInstSV - ok
14:41:12.0377 0x16e4  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
14:41:12.0393 0x16e4  b06bdrv - ok
14:41:12.0408 0x16e4  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:41:12.0455 0x16e4  BasicDisplay - ok
14:41:12.0471 0x16e4  [ BF002CF6CA41491665F7D3DCA51B7EFB, 4925B7689B47C583901CD75E7AB9160100838D5E33B829EB3CA4F71F7514958B ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
14:41:12.0565 0x16e4  BasicRender - ok
14:41:12.0580 0x16e4  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:41:12.0580 0x16e4  bcmfn2 - ok
14:41:12.0596 0x16e4  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:41:12.0643 0x16e4  BDESVC - ok
14:41:12.0659 0x16e4  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:41:12.0674 0x16e4  Beep - ok
14:41:12.0737 0x16e4  [ 4BA5C192E77375B62D603B38B9D99128, E1BF8646DA927EF81A9B940D0FAE7E49116A713F335625C5E18224BBB79F165E ] BFE            C:\WINDOWS\System32\bfe.dll
14:41:12.0815 0x16e4  BFE - ok
14:41:12.0846 0x16e4  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
14:41:12.0908 0x16e4  BITS - ok
14:41:12.0924 0x16e4  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:41:13.0080 0x16e4  bowser - ok
14:41:13.0096 0x16e4  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:41:13.0190 0x16e4  BrokerInfrastructure - ok
14:41:13.0205 0x16e4  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser        C:\WINDOWS\System32\browser.dll
14:41:13.0237 0x16e4  Browser - ok
14:41:13.0268 0x16e4  [ BCDB654338FA6C4BEE20A8EA47092171, CE0408F126F23E8C51CE59F3A56B41C78AB8918512FB9866F055077E5428EA37 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
14:41:13.0299 0x16e4  BTATH_A2DP - ok
14:41:13.0299 0x16e4  [ A71E33AEF3289BE2BA6CAD032BF9BFBA, A390F0BAC83143489F7191E4595973D8E1EA6CDF0937B4A441848CF7345C8808 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
14:41:13.0315 0x16e4  btath_avdt - ok
14:41:13.0346 0x16e4  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
14:41:13.0444 0x16e4  BTATH_HCRP - ok
14:41:13.0460 0x16e4  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT    C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
14:41:13.0491 0x16e4  BTATH_LWFLT - ok
14:41:13.0522 0x16e4  [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP      C:\WINDOWS\System32\drivers\btath_rcp.sys
14:41:13.0600 0x16e4  BTATH_RCP - ok
14:41:13.0616 0x16e4  [ 25B35FDD5FE5666DC49CCC0BC6A9AD81, 0F6A9783EF72AF53F20B19E51FE40A17F72FB9CC037670ADB77970AF9CA7E376 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:41:13.0647 0x16e4  BtFilter - ok
14:41:13.0663 0x16e4  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:41:13.0710 0x16e4  BthAvrcpTg - ok
14:41:13.0725 0x16e4  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum        C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:41:13.0772 0x16e4  BthEnum - ok
14:41:13.0804 0x16e4  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
14:41:13.0835 0x16e4  BthHFEnum - ok
14:41:13.0850 0x16e4  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:41:13.0866 0x16e4  bthhfhid - ok
14:41:13.0929 0x16e4  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:41:13.0991 0x16e4  BthHFSrv - ok
14:41:14.0007 0x16e4  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum      C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
14:41:14.0053 0x16e4  BthLEEnum - ok
14:41:14.0069 0x16e4  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:41:14.0100 0x16e4  BTHMODEM - ok
14:41:14.0100 0x16e4  [ D0AF91AF656E25AD8617EFA5B52EF457, FD723D99A0B8466BD991648DEED1831D32FD3A5995DD0E0837390746B8A7B439 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
14:41:14.0210 0x16e4  BthPan - ok
14:41:14.0272 0x16e4  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT        C:\WINDOWS\System32\Drivers\BTHport.sys
14:41:14.0366 0x16e4  BTHPORT - ok
14:41:14.0382 0x16e4  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv        C:\WINDOWS\system32\bthserv.dll
14:41:14.0397 0x16e4  bthserv - ok
14:41:14.0413 0x16e4  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
14:41:14.0429 0x16e4  BTHUSB - ok
14:41:14.0460 0x16e4  ByteFenceService - ok
14:41:14.0475 0x16e4  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:41:14.0553 0x16e4  cdfs - ok
14:41:14.0569 0x16e4  [ D61EDE3D49B04E703AEC3B111C763F42, A07780B7AAA982B1971C1FE3B597840541BF9FCE9D8322807C9C12300F9D2987 ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
14:41:14.0600 0x16e4  cdrom - ok
14:41:14.0616 0x16e4  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
14:41:14.0679 0x16e4  CertPropSvc - ok
14:41:14.0710 0x16e4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:41:14.0725 0x16e4  circlass - ok
14:41:14.0757 0x16e4  [ CCAB2A390FF4929F86AFA1F02520A981, 25DB5259F16336BD461757ADBD4856B1778B1413ED60BBA90A4EAA9FF1E779D9 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:41:14.0788 0x16e4  CLFS - ok
14:41:14.0819 0x16e4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:41:14.0850 0x16e4  CmBatt - ok
14:41:14.0882 0x16e4  [ 136D2C32FA5E49AF93D4B37D8055F230, 87B3479188B4DF68326AD8DEC82731937FA896CC4C54882D872E4723111441C1 ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
14:41:14.0929 0x16e4  CNG - ok
14:41:14.0929 0x16e4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
14:41:14.0960 0x16e4  CompositeBus - ok
14:41:14.0960 0x16e4  COMSysApp - ok
14:41:14.0975 0x16e4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:41:15.0022 0x16e4  condrv - ok
14:41:15.0116 0x16e4  [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:41:15.0163 0x16e4  cphs - ok
14:41:15.0179 0x16e4  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:41:15.0257 0x16e4  CryptSvc - ok
14:41:15.0272 0x16e4  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam            C:\WINDOWS\system32\drivers\dam.sys
14:41:15.0335 0x16e4  dam - ok
14:41:15.0382 0x16e4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
14:41:15.0413 0x16e4  dbupdate - ok
14:41:15.0429 0x16e4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem      C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
14:41:15.0429 0x16e4  dbupdatem - ok
14:41:15.0444 0x16e4  [ 111CEADEBAEF0179FB3446EB6A473108, 0FD6276E8395C4C7B822FD86B1D9DE4E05FE0CDEEA894820B7DE9E7A20218C59 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
14:41:15.0460 0x16e4  DbxSvc - ok
14:41:15.0491 0x16e4  [ 2928249E4DD39C2ADD3E74F02427AB8B, E331028A55FFFD753BC09163F25765AA67B1FE55BD0EB2803CC50D841E14BDA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:41:15.0554 0x16e4  DcomLaunch - ok
14:41:15.0616 0x16e4  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
14:41:15.0663 0x16e4  defragsvc - ok
14:41:15.0679 0x16e4  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:41:15.0725 0x16e4  DeviceAssociationService - ok
14:41:15.0741 0x16e4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
14:41:15.0788 0x16e4  DeviceInstall - ok
14:41:15.0804 0x16e4  [ D1049D4D1311D43F6FCF180CAA5BF78B, E32D3B0FB3CFE2E9C243E7540B9A534B6B5B53759A3883A231EB69F4A8C823C1 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:41:15.0913 0x16e4  Dfsc - ok
14:41:15.0929 0x16e4  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:41:15.0960 0x16e4  Dhcp - ok
14:41:16.0022 0x16e4  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
14:41:16.0147 0x16e4  DiagTrack - ok
14:41:16.0194 0x16e4  [ BF6D8575DDF30384939B2D5251F27C1F, 1605530BC61FB726F1095C5B5C8E27B18C06BCE01948550988E9EDCEBBCC0B3D ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:41:16.0210 0x16e4  disk - ok
14:41:16.0225 0x16e4  [ F204A1B043A561407206CAFC4CBE76E9, AE8CED824EFA4CAFF83072FD04E436A6EE5E4B44D530EAB4FAC9DDF3C730EE2A ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
14:41:16.0241 0x16e4  dmvsc - ok
14:41:16.0272 0x16e4  [ D9F407D006C916B7EC167858F88F13EB, 0D0FF69F9C695A2371DF798429EA2AA7B96F1C552EDC70DA4DD61EC8BD5563A3 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:41:16.0335 0x16e4  Dnscache - ok
14:41:16.0366 0x16e4  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
14:41:16.0424 0x16e4  dot3svc - ok
14:41:16.0443 0x16e4  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS            C:\WINDOWS\system32\dps.dll
14:41:16.0460 0x16e4  DPS - ok
14:41:16.0475 0x16e4  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
14:41:16.0491 0x16e4  drmkaud - ok
14:41:16.0507 0x16e4  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:41:16.0522 0x16e4  DsmSvc - ok
14:41:16.0589 0x16e4  [ C8104980940704E2F86A6448C601FD06, 0EBA7901DB97AE6D09A12B7A82FF56587E7BA2772B59BE711CF1F216EAC4D3AE ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:41:16.0674 0x16e4  DXGKrnl - ok
14:41:16.0689 0x16e4  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost        C:\WINDOWS\System32\eapsvc.dll
14:41:16.0742 0x16e4  Eaphost - ok
14:41:16.0864 0x16e4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
14:41:16.0989 0x16e4  ebdrv - ok
14:41:17.0005 0x16e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS            C:\WINDOWS\System32\lsass.exe
14:41:17.0020 0x16e4  EFS - ok
14:41:17.0036 0x16e4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
14:41:17.0051 0x16e4  EhStorClass - ok
14:41:17.0067 0x16e4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:41:17.0083 0x16e4  EhStorTcgDrv - ok
14:41:17.0098 0x16e4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:41:17.0114 0x16e4  ErrDev - ok
14:41:17.0176 0x16e4  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem    C:\WINDOWS\system32\es.dll
14:41:17.0208 0x16e4  EventSystem - ok
14:41:17.0223 0x16e4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
14:41:17.0317 0x16e4  exfat - ok
14:41:17.0348 0x16e4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
14:41:17.0364 0x16e4  fastfat - ok
14:41:17.0394 0x16e4  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax            C:\WINDOWS\system32\fxssvc.exe
14:41:17.0472 0x16e4  Fax - ok
14:41:17.0488 0x16e4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
14:41:17.0504 0x16e4  fdc - ok
14:41:17.0504 0x16e4  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
14:41:17.0535 0x16e4  fdPHost - ok
14:41:17.0566 0x16e4  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:41:17.0566 0x16e4  FDResPub - ok
14:41:17.0582 0x16e4  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
14:41:17.0629 0x16e4  fhsvc - ok
14:41:17.0644 0x16e4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:41:17.0644 0x16e4  FileInfo - ok
14:41:17.0676 0x16e4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
14:41:17.0707 0x16e4  Filetrace - ok
14:41:17.0707 0x16e4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:41:17.0722 0x16e4  flpydisk - ok
14:41:17.0754 0x16e4  [ E8F02B7A595B9E7F0A38BDB1C40C60A5, 64E64BA029B798739C38E524E24530EE570897E327B72854A8CBCE4FAD7AD1E5 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:41:17.0785 0x16e4  FltMgr - ok
14:41:17.0832 0x16e4  [ 223CD19D2F84B7B42081F4FB530B658F, 4A9D1A6688C3C8F0B866B0FE2715C9FBA62BE66D4ADCC327A8CABF9EA876A664 ] FontCache      C:\WINDOWS\system32\FntCache.dll
14:41:17.0941 0x16e4  FontCache - ok
14:41:17.0988 0x16e4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:41:18.0004 0x16e4  FontCache3.0.0.0 - ok
14:41:18.0035 0x16e4  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
14:41:18.0051 0x16e4  FsDepends - ok
14:41:18.0066 0x16e4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:41:18.0082 0x16e4  Fs_Rec - ok
14:41:18.0097 0x16e4  [ B25A3FD917CB8F77CA5A70861D84671A, E0855AFB1B876BC390D2341198702C4728C264F116EA37277D667DB094263B5A ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:41:18.0129 0x16e4  fvevol - ok
14:41:18.0144 0x16e4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM          C:\WINDOWS\System32\drivers\fxppm.sys
14:41:18.0176 0x16e4  FxPPM - ok
14:41:18.0191 0x16e4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
14:41:18.0191 0x16e4  gagp30kx - ok
14:41:18.0207 0x16e4  [ 1A0D1B15D3443393D5DADBA366F318A7, EF982A93D1976F43737EC2EA0D5CAEF9558F4CBEE3DAE9397E295E7A3F392460 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:41:18.0254 0x16e4  gencounter - ok
14:41:18.0269 0x16e4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:41:18.0301 0x16e4  GPIOClx0101 - ok
14:41:18.0347 0x16e4  [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
14:41:18.0410 0x16e4  gpsvc - ok
14:41:18.0410 0x16e4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:41:18.0441 0x16e4  HDAudBus - ok
14:41:18.0457 0x16e4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
14:41:18.0488 0x16e4  HidBatt - ok
14:41:18.0504 0x16e4  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:41:18.0519 0x16e4  HidBth - ok
14:41:18.0535 0x16e4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:41:18.0551 0x16e4  hidi2c - ok
14:41:18.0566 0x16e4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
14:41:18.0582 0x16e4  HidIr - ok
14:41:18.0598 0x16e4  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv        C:\WINDOWS\system32\hidserv.dll
14:41:18.0613 0x16e4  hidserv - ok
14:41:18.0629 0x16e4  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:41:18.0707 0x16e4  HidUsb - ok
14:41:18.0738 0x16e4  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
14:41:18.0769 0x16e4  hkmsvc - ok
14:41:18.0801 0x16e4  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:41:18.0863 0x16e4  HomeGroupListener - ok
14:41:18.0894 0x16e4  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:41:18.0926 0x16e4  HomeGroupProvider - ok
14:41:18.0988 0x16e4  [ 3851E040E0CE19C37C4CED8E2BE9855C, CC4C89A0D2E9467ADDBFB213EC6937F7DACE2FCD1E085DFC0A9FB44A9A66F157 ] HorizonTouchCentreSpeedUp C:\Program Files\Lenovo\Alpha\SpeedWatcherService.exe
14:41:19.0097 0x16e4  HorizonTouchCentreSpeedUp - ok
14:41:19.0129 0x16e4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:41:19.0144 0x16e4  HpSAMD - ok
14:41:19.0207 0x16e4  [ E45EB7AE6C890F2C8DE8F160AC641C8A, 3637D1FCE42A5600BD7FCC1F602C926968B327097CB36EE5FAC9140DD99EEC2D ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:41:19.0238 0x16e4  HTTP - ok
14:41:19.0254 0x16e4  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:41:19.0269 0x16e4  hwpolicy - ok
14:41:19.0285 0x16e4  [ FEBCEE7A6F2F65251DB4799409544D24, 071AE9D474C94890D918AAED4D7ADDF4D9419B93C003FBEF6BFAE1276F38E33E ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:41:19.0347 0x16e4  hyperkbd - ok
14:41:19.0363 0x16e4  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:41:19.0444 0x16e4  HyperVideo - ok
14:41:19.0460 0x16e4  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:41:19.0553 0x16e4  i8042prt - ok
14:41:19.0569 0x16e4  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:41:19.0585 0x16e4  iaLPSSi_GPIO - ok
14:41:19.0600 0x16e4  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:41:19.0616 0x16e4  iaLPSSi_I2C - ok
14:41:19.0632 0x16e4  [ B9E489CC1EA3284FEED33799DC70612D, 0DD714A3A37C391B38F4EEEB3F85C3C3C056F4AAB4A5EFA63835AD967BC25B51 ] iaStorA        C:\WINDOWS\system32\drivers\iaStorA.sys
14:41:19.0647 0x16e4  iaStorA - ok
14:41:19.0725 0x16e4  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:41:19.0803 0x16e4  iaStorAV - ok
14:41:19.0866 0x16e4  [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:41:19.0882 0x16e4  IAStorDataMgrSvc - ok
14:41:19.0928 0x16e4  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
14:41:19.0960 0x16e4  iaStorV - ok
14:41:19.0960 0x16e4  [ 97E5D62965DE167388B9C5D08665FE43, 32608102AC1B40420A8498181B3DA18FB833FC89930DF3C66D85A6B41F692EB6 ] IdeaTouch.LocalDataServer.Education C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
14:41:20.0022 0x16e4  IdeaTouch.LocalDataServer.Education - detected UnsignedFile.Multi.Generic ( 1 )
14:41:20.0132 0x16e4  Detect skipped due to KSN trusted
14:41:20.0132 0x16e4  IdeaTouch.LocalDataServer.Education - ok
14:41:20.0132 0x16e4  [ 700E4785FA822B4094EAB8FE732D46C8, EBFFE72153549132B06DB80B24B965A1C302AF4C800FF7FABA104AEC859A5815 ] IdeaTouch.LocalDataServer.Game C:\Program Files (x86)\Lenovo\GamePortal\Services\IdeaTouch.LocalDataServer.Game.exe
14:41:20.0194 0x16e4  IdeaTouch.LocalDataServer.Game - detected UnsignedFile.Multi.Generic ( 1 )
14:41:20.0288 0x16e4  Detect skipped due to KSN trusted
14:41:20.0288 0x16e4  IdeaTouch.LocalDataServer.Game - ok
14:41:20.0288 0x16e4  IEEtwCollectorService - ok
14:41:20.0553 0x16e4  [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:41:20.0835 0x16e4  igfx - ok
14:41:20.0913 0x16e4  [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:41:20.0991 0x16e4  igfxCUIService1.0.0.0 - ok
14:41:21.0022 0x16e4  [ 3B6E74B3BE0CA74525A37B5C8E510084, BEA54067BAA524A13A2F67EB76C6B206546BA06567446725CF8BA0D7F6A30311 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:41:21.0069 0x16e4  IKEEXT - ok
14:41:21.0085 0x16e4  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
14:41:21.0116 0x16e4  intaud_WaveExtensible - ok
14:41:21.0210 0x16e4  [ 8F7DBBFB3546A3A6859E4FB47CEA86DE, C9192A5AE4F0BC1B037DD8623ADBC7F8ED69E9B2AE848C323B079361CB004F42 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:41:21.0413 0x16e4  IntcAzAudAddService - ok
14:41:21.0460 0x16e4  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:41:21.0975 0x16e4  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:41:22.0147 0x16e4  Detect skipped due to KSN trusted
14:41:22.0163 0x16e4  Intel(R) Capability Licensing Service Interface - ok
14:41:22.0210 0x16e4  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:41:22.0272 0x16e4  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:41:22.0288 0x16e4  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:41:22.0304 0x16e4  intelide - ok
14:41:22.0319 0x16e4  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:41:22.0335 0x16e4  intelpep - ok
14:41:22.0335 0x16e4  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:41:22.0366 0x16e4  intelppm - ok
14:41:22.0382 0x16e4  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:41:22.0418 0x16e4  IpFilterDriver - ok
14:41:22.0443 0x16e4  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:41:22.0505 0x16e4  iphlpsvc - ok
14:41:22.0536 0x16e4  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:41:22.0595 0x16e4  IPMIDRV - ok
14:41:22.0611 0x16e4  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
14:41:22.0689 0x16e4  IPNAT - ok
14:41:22.0704 0x16e4  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
14:41:22.0743 0x16e4  IRENUM - ok
14:41:22.0755 0x16e4  [ 00AD710037F4A4F00CDDD94CBA7BABEA, 234FD60D659D9338C9FA0A54D176840BFDDEEB358DAF67A8B13F7699D442CAC0 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:41:22.0771 0x16e4  isapnp - ok
14:41:22.0787 0x16e4  [ D2F0DA40F88F3941E32B24CCBBF623F2, 957D6AE20773A7CFD1994650FBBF69020BCAFCBBAA0F771ABF3CACA5C821BD8E ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:41:22.0818 0x16e4  iScsiPrt - ok
14:41:22.0834 0x16e4  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
14:41:22.0849 0x16e4  iwdbus - ok
14:41:22.0881 0x16e4  [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:41:22.0881 0x16e4  jhi_service - ok
14:41:22.0896 0x16e4  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:41:22.0927 0x16e4  kbdclass - ok
14:41:22.0927 0x16e4  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:41:22.0959 0x16e4  kbdhid - ok
14:41:22.0974 0x16e4  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic          C:\WINDOWS\system32\DRIVERS\kdnic.sys
14:41:23.0037 0x16e4  kdnic - ok
14:41:23.0052 0x16e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:41:23.0084 0x16e4  KeyIso - ok
14:41:23.0084 0x16e4  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:41:23.0130 0x16e4  KSecDD - ok
14:41:23.0146 0x16e4  [ A9C617281ECE2711C02F3B7C951A1882, AD871D3C2A9EA9F4D1809C93093EC314DFFFF8CBCD176E96941F26AF9DB7AF4E ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:41:23.0162 0x16e4  KSecPkg - ok
14:41:23.0177 0x16e4  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
14:41:23.0193 0x16e4  ksthunk - ok
14:41:23.0224 0x16e4  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
14:41:23.0255 0x16e4  KtmRm - ok
14:41:23.0287 0x16e4  [ B75ADC97905F43C7C946F1465A8697BD, AF50E3F5DBF222DB095B40FD4896650B5F8DD47153CB9A1ADE54D17FCE85C529 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:41:23.0349 0x16e4  LanmanServer - ok
14:41:23.0381 0x16e4  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:41:23.0412 0x16e4  LanmanWorkstation - ok
14:41:23.0443 0x16e4  [ 3619E2B790FBE4413DD4F226C61A83E7, 0210D10280A25CCFC6CDFBFC4A4ECC59B6A02CF9B90570242B9D57A0354F109E ] LenovoAppService C:\Program Files\Lenovo\Alpha\AppService.exe
14:41:23.0521 0x16e4  LenovoAppService - ok
14:41:23.0537 0x16e4  [ 16EEC57C9682242A0AB26920B403E997, B8CC9CFC1AC25B5478F4995A900F2F49A639F642D55BF5094820F20F32246403 ] LenovoVRService C:\Program Files\Lenovo\VRSDK\VrService.exe
14:41:23.0646 0x16e4  LenovoVRService - ok
14:41:23.0677 0x16e4  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc          C:\WINDOWS\System32\GeofenceMonitorService.dll
14:41:23.0834 0x16e4  lfsvc - ok
14:41:23.0865 0x16e4  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
14:41:23.0881 0x16e4  lltdio - ok
14:41:24.0021 0x16e4  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
14:41:24.0068 0x16e4  lltdsvc - ok
14:41:24.0084 0x16e4  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
14:41:24.0146 0x16e4  lmhosts - ok
14:41:24.0240 0x16e4  [ 60471C88EB4906DB0C2026B3290EE4B6, D51752E4149A5BA578BF9F8DA83443BFF0719BAA34D91BD938DAC831BC0BA6DC ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:41:24.0256 0x16e4  LMS - ok
14:41:24.0349 0x16e4  [ FD66828B7E8D085FD0F6009444525636, EA9405BA323EF8B1972669713C45DF1F2BF9C4C55310FEE6367FA8C9DE2CC164 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
14:41:24.0365 0x16e4  LSC.Services.SystemService - ok
14:41:24.0381 0x16e4  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
14:41:24.0396 0x16e4  LSI_SAS - ok
14:41:24.0427 0x16e4  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
14:41:24.0443 0x16e4  LSI_SAS2 - ok
14:41:24.0459 0x16e4  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
14:41:24.0474 0x16e4  LSI_SAS3 - ok
14:41:24.0490 0x16e4  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
14:41:24.0506 0x16e4  LSI_SSS - ok
14:41:24.0584 0x16e4  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM            C:\WINDOWS\System32\lsm.dll
14:41:24.0709 0x16e4  LSM - ok
14:41:24.0724 0x16e4  [ B0AF753AF28303BB69C67BD85F06FFC9, 6B6805C17BC39F972BB7FF52BDF798B0B57EC5D5F3CE1C97415E86110235C603 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
14:41:24.0865 0x16e4  luafv - ok
14:41:25.0193 0x16e4  [ 96FA5B38DD94C8D49289CE75150D97C3, 31D2435E026B0425D47B479E7E58CAF7BEF5C2D23F9D164A59FF2BF27D49489F ] MBAMService    C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
14:41:25.0381 0x16e4  MBAMService - ok
14:41:25.0506 0x16e4  [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy  C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
14:41:25.0521 0x16e4  MBAMSwissArmy - ok
14:41:25.0537 0x16e4  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
14:41:25.0552 0x16e4  megasas - ok
14:41:25.0568 0x16e4  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:41:25.0599 0x16e4  megasr - ok
14:41:25.0615 0x16e4  [ 6FE7B681F1840366B2E4E8B15BE8E2CB, D60DB52345FB17160C1761AE5BF6C8CF56B350FC626A40C985CA2AE5C88B2F50 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:41:25.0646 0x16e4  MEIx64 - ok
14:41:25.0646 0x16e4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS          C:\WINDOWS\system32\mmcss.dll
14:41:25.0693 0x16e4  MMCSS - ok
14:41:25.0709 0x16e4  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem          C:\WINDOWS\system32\drivers\modem.sys
14:41:25.0724 0x16e4  Modem - ok
14:41:25.0724 0x16e4  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
14:41:25.0756 0x16e4  monitor - ok
14:41:25.0771 0x16e4  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:41:25.0802 0x16e4  mouclass - ok
14:41:25.0802 0x16e4  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:41:25.0865 0x16e4  mouhid - ok
14:41:25.0881 0x16e4  [ E5E8665272EBCD87A0A632314F0D221D, 37FDC4CEB8E5FC39C10DE875676863D090CFEA708AC3A8415114DCDD94BD7A1D ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:41:25.0912 0x16e4  mountmgr - ok
14:41:25.0927 0x16e4  [ 234AE91F162CB9051B64B2894CA5A6E4, 5CBF7A139525E3572BE3DEE2C2C71765D083B474119409A2D4CF9BB9E8B74D7C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:41:25.0959 0x16e4  MozillaMaintenance - ok
14:41:26.0021 0x16e4  [ BF2513029E231BE96D82F7C3ABFF87F4, F6DB64112CC50EEE495E2D7C61B8BDBE757A31B03144B0396615FD38C312824E ] MpKsl49835494  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{30D58176-CCAD-471C-99F1-7A6E2AD161A4}\MpKsl49835494.sys
14:41:26.0037 0x16e4  MpKsl49835494 - ok
14:41:26.0052 0x16e4  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:41:26.0084 0x16e4  mpsdrv - ok
14:41:26.0131 0x16e4  [ 4D33C8B6159B61C7F13984ED10EA2A82, 2E6B8C104F34BFED3C521062F0F12B8D9B4A602221256C41791932771EB79B2C ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:41:26.0177 0x16e4  MpsSvc - ok
14:41:26.0224 0x16e4  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:41:26.0349 0x16e4  MRxDAV - ok
14:41:26.0396 0x16e4  [ CF49856813FFDF2EB251762BB8B675C8, 5976D21C6B0A1FF489B406108DBE6ACDB22D706F437B12F58552A6EAA9D3BFD7 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:41:26.0427 0x16e4  mrxsmb - ok
14:41:26.0459 0x16e4  [ AFE6DC2E57E876175BA074AD2CB5594F, 004873302BA0BF1B1359A90A5399915BE00A9ED800F60E477A5AE4682C70A708 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:41:26.0552 0x16e4  mrxsmb10 - ok
14:41:26.0568 0x16e4  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:41:26.0677 0x16e4  mrxsmb20 - ok
14:41:26.0677 0x16e4  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
14:41:26.0724 0x16e4  MsBridge - ok
14:41:26.0756 0x16e4  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
14:41:26.0802 0x16e4  MSDTC - ok
14:41:26.0818 0x16e4  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:41:26.0834 0x16e4  Msfs - ok
14:41:26.0834 0x16e4  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:41:26.0849 0x16e4  msgpiowin32 - ok
14:41:26.0849 0x16e4  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:41:26.0896 0x16e4  mshidkmdf - ok
14:41:26.0896 0x16e4  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
14:41:26.0912 0x16e4  mshidumdf - ok
14:41:26.0927 0x16e4  [ 15552CD43BD9DA6C00659167403D19E6, B93BAE0FB5A132FA3F0218B07284117D424175DB0A69C4FB3E3C2E33F122207F ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:41:26.0943 0x16e4  msisadrv - ok
14:41:26.0959 0x16e4  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
14:41:27.0021 0x16e4  MSiSCSI - ok
14:41:27.0021 0x16e4  msiserver - ok
14:41:27.0021 0x16e4  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:41:27.0037 0x16e4  MSKSSRV - ok
14:41:27.0068 0x16e4  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
14:41:27.0115 0x16e4  MsLldp - ok
14:41:27.0131 0x16e4  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:41:27.0146 0x16e4  MSPCLOCK - ok
14:41:27.0177 0x16e4  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
14:41:27.0193 0x16e4  MSPQM - ok
14:41:27.0224 0x16e4  [ 493AA78266AA041593DB24155556B8BF, CBAF7FAD5215957D8B8C5956DB423249BB630FCFD03A10B9734E889D594F8EBD ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
14:41:27.0271 0x16e4  MsRPC - ok
14:41:27.0287 0x16e4  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:41:27.0287 0x16e4  mssmbios - ok
14:41:27.0302 0x16e4  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
14:41:27.0318 0x16e4  MSTEE - ok
14:41:27.0318 0x16e4  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:41:27.0349 0x16e4  MTConfig - ok
14:41:27.0365 0x16e4  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
14:41:27.0381 0x16e4  Mup - ok
14:41:27.0396 0x16e4  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:41:27.0396 0x16e4  mvumis - ok
14:41:27.0427 0x16e4  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
14:41:27.0474 0x16e4  napagent - ok
14:41:27.0490 0x16e4  [ F3A70F2C79D91B7C95F78E959DEDAD0E, CB1826614D1EEC1C2E8E6F8D2B8DE486CE7AF628DAC6969655E57EC4BAF70C9D ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:41:27.0552 0x16e4  NativeWifiP - ok
14:41:27.0568 0x16e4  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:41:27.0615 0x16e4  NcaSvc - ok
14:41:27.0615 0x16e4  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:41:27.0646 0x16e4  NcbService - ok
14:41:27.0662 0x16e4  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:41:27.0724 0x16e4  NcdAutoSetup - ok
14:41:27.0787 0x16e4  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:41:27.0818 0x16e4  NDIS - ok
14:41:27.0834 0x16e4  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap        C:\WINDOWS\system32\DRIVERS\ndiscap.sys
14:41:27.0849 0x16e4  NdisCap - ok
14:41:27.0849 0x16e4  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
14:41:27.0896 0x16e4  NdisImPlatform - ok
14:41:27.0912 0x16e4  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:41:27.0990 0x16e4  NdisTapi - ok
14:41:28.0021 0x16e4  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:41:28.0037 0x16e4  Ndisuio - ok
14:41:28.0052 0x16e4  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:41:28.0068 0x16e4  NdisVirtualBus - ok
14:41:28.0099 0x16e4  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:41:28.0162 0x16e4  NdisWan - ok
14:41:28.0177 0x16e4  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:41:28.0193 0x16e4  NdisWanLegacy - ok
14:41:28.0193 0x16e4  [ 4F5178EEF4CC259F0A8CF56C2F16ADDB, 1940275E4AB0A863B146736A189F797EE06841DD74376AF6E09033FB1EEB6643 ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
14:41:28.0240 0x16e4  NDProxy - ok
14:41:28.0271 0x16e4  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
14:41:28.0318 0x16e4  Ndu - ok
14:41:28.0334 0x16e4  [ AD6A78E25BBC916354753A500C4E73C8, 52D10B07CA52B90E6934EC8916715B1BA78711A12600980A3A7A16EA5408F99A ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
14:41:28.0396 0x16e4  NetBIOS - ok
14:41:28.0412 0x16e4  [ 0FE750800DEEE91D22399D081371BA79, 7E1E01A5D5BAE68F975070D1676BD830ADF010E42A8046D4074D17B710230CD9 ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
14:41:28.0537 0x16e4  NetBT - ok
14:41:28.0537 0x16e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:41:28.0552 0x16e4  Netlogon - ok
14:41:28.0568 0x16e4  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
14:41:28.0584 0x16e4  Netman - ok
14:41:28.0615 0x16e4  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:41:28.0631 0x16e4  netprofm - ok
14:41:28.0693 0x16e4  [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:41:28.0693 0x16e4  NetTcpPortSharing - ok
14:41:28.0709 0x16e4  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
14:41:28.0756 0x16e4  netvsc - ok
14:41:28.0787 0x16e4  [ C01975FEB4B5D4C1420A25D863041F2C, A2A15CF1FA91E706DC2C6766C42C9B454D6787D25A39A5421CC34E7DE27B7ADA ] NitroDriverReadSpool11 C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
14:41:28.0802 0x16e4  NitroDriverReadSpool11 - ok
14:41:28.0849 0x16e4  [ 27D1BC3AF2CD9A854CD326A5C4A5914C, 2D50F2728CFB53C7C17DB848FDEB0E4DE4C8BFEFFFE2477B15E941FACBD988FA ] NitroUpdateService C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
14:41:28.0881 0x16e4  NitroUpdateService - ok
14:41:28.0896 0x16e4  [ A0D7A655BC61C2421CB33F3A1CD97B8A, EF87D3CDB01789195E83FB629B0871ED03211C624BCF814260D86DDA57BD9B33 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:41:28.0912 0x16e4  NlaSvc - ok
14:41:29.0146 0x16e4  [ EE449F98EA1873A84C694F1F23FDCC51, 829E8C145FD7ABA0FE9FFE6908B747D2A42896AB094DF198C910D6B9B310942A ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
14:41:29.0162 0x16e4  nlsX86cc - ok
14:41:29.0162 0x16e4  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:41:29.0193 0x16e4  Npfs - ok
14:41:29.0209 0x16e4  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
14:41:29.0271 0x16e4  npsvctrig - ok
14:41:29.0287 0x16e4  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi            C:\WINDOWS\system32\nsisvc.dll
14:41:29.0334 0x16e4  nsi - ok
14:41:29.0349 0x16e4  [ 018510D88536798852DAE12F9BA6E138, C0D89C36F8737FD139CEA80BED65D1DB4248E667804645FF71C39BA92FEC4109 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:41:29.0396 0x16e4  nsiproxy - ok
14:41:29.0459 0x16e4  [ EE9B628D84DE372953A6D30AAB02DBD6, C70095FFDBB3DC5DBAD305D81C7887CE06B5CFEB39A1515DBAF1313A1DB7E9DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:41:29.0568 0x16e4  Ntfs - ok
14:41:29.0615 0x16e4  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:41:29.0662 0x16e4  Null - ok
14:41:29.0693 0x16e4  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
14:41:29.0693 0x16e4  nvraid - ok
14:41:29.0724 0x16e4  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
14:41:29.0740 0x16e4  nvstor - ok
14:41:29.0756 0x16e4  [ 9D1D5F4A66790A6B6B83B49497DB7A9F, CEFB57674BB681A0F446307E6D10D141DC2F5C5650A481FCF4D7FA877F421D0B ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
14:41:29.0834 0x16e4  nv_agp - ok
14:41:29.0849 0x16e4  [ B0D4F47A4D74F6E6A3FF6B2D109D6734, B34F0AF0EAE3A39FCE8BF3871310A7308E2C0BEF3E2F4CAB5852F8D2B2A8B457 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:41:29.0896 0x16e4  p2pimsvc - ok
14:41:29.0912 0x16e4  [ 0B100C336809C1D7DBD108A75DAFFEF5, F8E5B7EBB5F751FD5BBBD0A5CE5CD60F2EE32CC75EFA68DAAD17E2B26B71AF4E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
14:41:29.0943 0x16e4  p2psvc - ok
14:41:29.0959 0x16e4  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport        C:\WINDOWS\System32\drivers\parport.sys
14:41:30.0099 0x16e4  Parport - ok
14:41:30.0115 0x16e4  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
14:41:30.0131 0x16e4  partmgr - ok
14:41:30.0162 0x16e4  [ 10D35971E29936AE422A9C728014E761, 7B1547312663D50D72B76A7C13A01E532F41132A8E108AF5C6C086B456C86ACA ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
14:41:30.0209 0x16e4  PcaSvc - ok
14:41:30.0318 0x16e4  [ 9C1015B033ABDFC59584F480207AECDD, 288011A1F5A6C6D530122210EF3CAD09DF0BDA15E490CD5C52209037B3A0714F ] pci            C:\WINDOWS\system32\drivers\pci.sys
14:41:30.0427 0x16e4  pci - ok
14:41:30.0443 0x16e4  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
14:41:30.0459 0x16e4  pciide - ok
14:41:30.0474 0x16e4  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
14:41:30.0490 0x16e4  pcmcia - ok
14:41:30.0506 0x16e4  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
14:41:30.0521 0x16e4  pcw - ok
14:41:30.0537 0x16e4  [ E6B3ACBA06BAF48594557FCCBFA66FD2, 44A0FAC6169D9130870456DEFBFFE563FCCC4AD7A9754B455D5A1C1A77F0699D ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
14:41:30.0552 0x16e4  pdc - ok
14:41:30.0584 0x16e4  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
14:41:30.0646 0x16e4  PEAUTH - ok
14:41:30.0662 0x16e4  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
14:41:30.0693 0x16e4  PerfHost - ok
14:41:30.0787 0x16e4  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla            C:\WINDOWS\system32\pla.dll
14:41:30.0834 0x16e4  pla - ok
14:41:30.0865 0x16e4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
14:41:30.0881 0x16e4  PlugPlay - ok
14:41:30.0896 0x16e4  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
14:41:30.0912 0x16e4  PNRPAutoReg - ok
14:41:30.0927 0x16e4  [ B0D4F47A4D74F6E6A3FF6B2D109D6734, B34F0AF0EAE3A39FCE8BF3871310A7308E2C0BEF3E2F4CAB5852F8D2B2A8B457 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:41:30.0943 0x16e4  PNRPsvc - ok
14:41:30.0974 0x16e4  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
14:41:31.0021 0x16e4  PolicyAgent - ok
14:41:31.0021 0x16e4  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power          C:\WINDOWS\system32\umpo.dll
14:41:31.0052 0x16e4  Power - ok
14:41:31.0068 0x16e4  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:41:31.0084 0x16e4  PptpMiniport - ok
14:41:31.0349 0x16e4  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:41:31.0506 0x16e4  PrintNotify - ok
14:41:31.0521 0x16e4  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor      C:\WINDOWS\System32\drivers\processr.sys
14:41:31.0552 0x16e4  Processor - ok
14:41:31.0631 0x16e4  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
14:41:31.0677 0x16e4  ProfSvc - ok
14:41:31.0693 0x16e4  [ DEF4D00D1E55B1E29138A1541D0B82D3, CB042B49BA34F501CAD5AE1277EBFC34BD7BC01C1251811733901566880FF280 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
14:41:31.0724 0x16e4  Psched - ok
14:41:31.0756 0x16e4  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE          C:\WINDOWS\system32\qwave.dll
14:41:31.0787 0x16e4  QWAVE - ok
14:41:31.0818 0x16e4  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
14:41:31.0834 0x16e4  QWAVEdrv - ok
14:41:31.0849 0x16e4  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:41:31.0865 0x16e4  RasAcd - ok
14:41:31.0881 0x16e4  [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn    C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
14:41:31.0974 0x16e4  RasAgileVpn - ok
14:41:31.0990 0x16e4  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
14:41:32.0006 0x16e4  RasAuto - ok
14:41:32.0037 0x16e4  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp        C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:41:32.0084 0x16e4  Rasl2tp - ok
14:41:32.0099 0x16e4  [ 0A655DD285E4E1E2975CEAB8FDE75295, 023B73A71CB48578702548F8F1096BDF72BE09D836F2D324DDA869E4F0354133 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:41:32.0131 0x16e4  RasMan - ok
14:41:32.0146 0x16e4  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:41:32.0162 0x16e4  RasPppoe - ok
14:41:32.0193 0x16e4  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp        C:\WINDOWS\system32\DRIVERS\rassstp.sys
14:41:32.0209 0x16e4  RasSstp - ok
14:41:32.0224 0x16e4  [ 3560C2D5A5DAC09BF81F5C5CD0029192, BF07AE75CAC322304024AF2385034847F18615439894306CC96D3F6F3C088CB5 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:41:32.0271 0x16e4  rdbss - ok
14:41:32.0287 0x16e4  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
14:41:32.0303 0x16e4  rdpbus - ok
14:41:32.0334 0x16e4  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
14:41:32.0349 0x16e4  RDPDR - ok
14:41:32.0381 0x16e4  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:41:32.0381 0x16e4  RdpVideoMiniport - ok
14:41:32.0396 0x16e4  [ 468F9F3886DD3320357ECDBFF838DBBF, B8A8198A3D7CF19D662718AC9D33AD3722D179DA88D9F3FCFFB67AAA3F95C153 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
14:41:32.0428 0x16e4  rdyboost - ok
14:41:32.0474 0x16e4  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
14:41:32.0537 0x16e4  ReFS - ok
14:41:32.0553 0x16e4  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:41:32.0568 0x16e4  RemoteAccess - ok
14:41:32.0584 0x16e4  [ 7594FEFBAD6BA4645CE7AA175C19BAD0, 32625BA39B905576F0465E261F15D222ED228A19071E3A1BC4286B5FECA0F948 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:41:32.0631 0x16e4  RemoteRegistry - ok
14:41:32.0646 0x16e4  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:41:32.0677 0x16e4  RFCOMM - ok
14:41:32.0677 0x16e4  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
14:41:32.0709 0x16e4  RpcEptMapper - ok
14:41:32.0709 0x16e4  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:41:32.0740 0x16e4  RpcLocator - ok
14:41:32.0771 0x16e4  [ 2928249E4DD39C2ADD3E74F02427AB8B, E331028A55FFFD753BC09163F25765AA67B1FE55BD0EB2803CC50D841E14BDA6 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
14:41:32.0803 0x16e4  RpcSs - ok
14:41:32.0818 0x16e4  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
14:41:32.0834 0x16e4  rspndr - ok
14:41:32.0896 0x16e4  rtop - ok
14:41:32.0912 0x16e4  [ 57E908ED01D8DF05B9CC6A0C9869C7A2, 2EF74F1AC8AF796D1E92190A583960E10CB498B2AC7C34BC52B69D88E5688150 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
14:41:32.0959 0x16e4  s3cap - ok
14:41:32.0959 0x16e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs          C:\WINDOWS\system32\lsass.exe
14:41:32.0974 0x16e4  SamSs - ok
14:41:32.0990 0x16e4  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
14:41:33.0006 0x16e4  sbp2port - ok
14:41:33.0021 0x16e4  [ 305B725E3FC1936162FE84A0BB526F22, 341E311BAF071F630E277BA41629883D5F8DB76E820425AB898BAC13D09971DC ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
14:41:33.0068 0x16e4  SCardSvr - ok
14:41:33.0084 0x16e4  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
14:41:33.0099 0x16e4  ScDeviceEnum - ok
14:41:33.0115 0x16e4  [ DEA731D96816F1F67C32F49E4EF248DD, 6A977D80164616A85BDAE437A3D50E055720E3163941259F19E8719F54BE267D ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:41:33.0131 0x16e4  scfilter - ok
14:41:33.0178 0x16e4  [ F5523FFAFFCE7937D076E4FE6F5BD9AD, 42B08D5B54C07331D3754688878122F9CD9C7C9253C5ED8C3185C4BF6F68D847 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:41:33.0240 0x16e4  Schedule - ok
14:41:33.0256 0x16e4  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
14:41:33.0287 0x16e4  SCPolicySvc - ok
14:41:33.0318 0x16e4  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
14:41:33.0349 0x16e4  sdbus - ok
14:41:33.0381 0x16e4  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
14:41:33.0396 0x16e4  sdstor - ok
14:41:33.0428 0x16e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
14:41:33.0459 0x16e4  secdrv - ok
14:41:33.0459 0x16e4  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
14:41:33.0506 0x16e4  seclogon - ok
14:41:33.0521 0x16e4  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
14:41:33.0521 0x16e4  SENS - ok
14:41:33.0553 0x16e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsHIDClassDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:41:33.0568 0x16e4  SensorsHIDClassDriver - ok
14:41:33.0584 0x16e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsServiceDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:41:33.0599 0x16e4  SensorsServiceDriver - ok
14:41:33.0615 0x16e4  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
14:41:33.0646 0x16e4  SensrSvc - ok
14:41:33.0678 0x16e4  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
14:41:33.0693 0x16e4  SerCx - ok
14:41:33.0693 0x16e4  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
14:41:33.0709 0x16e4  SerCx2 - ok
14:41:33.0740 0x16e4  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
14:41:33.0771 0x16e4  Serenum - ok
14:41:33.0787 0x16e4  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\WINDOWS\System32\drivers\serial.sys
14:41:33.0912 0x16e4  Serial - ok
14:41:33.0928 0x16e4  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
14:41:33.0974 0x16e4  sermouse - ok
14:41:34.0053 0x16e4  [ 624BB76941938B9F5776DEA56004D33E, D4EE7A23665D71646622D477CA962335B4C17BAC931A728122DF8C112CD5A560 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
14:41:34.0146 0x16e4  SessionEnv - ok
14:41:34.0162 0x16e4  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
14:41:34.0178 0x16e4  sfloppy - ok
14:41:34.0193 0x16e4  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:41:34.0240 0x16e4  SharedAccess - ok
14:41:34.0349 0x16e4  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:41:34.0396 0x16e4  ShellHWDetection - ok
14:41:34.0412 0x16e4  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:41:34.0428 0x16e4  SiSRaid2 - ok
14:41:34.0443 0x16e4  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
14:41:34.0459 0x16e4  SiSRaid4 - ok
14:41:34.0474 0x16e4  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost        C:\WINDOWS\System32\smphost.dll
14:41:34.0537 0x16e4  smphost - ok
14:41:34.0568 0x16e4  [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:41:34.0599 0x16e4  SNMPTRAP - ok
14:41:34.0631 0x16e4  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
14:41:34.0646 0x16e4  spaceport - ok
14:41:34.0678 0x16e4  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
14:41:34.0678 0x16e4  SpbCx - ok
14:41:34.0724 0x16e4  [ 851F06253BED584E39F5126EB5C2D6DD, 5144AA4C45598B0749D4F2CF477BB8E9B75DFB858385888E31E703B7C8FB6463 ] Spooler        C:\WINDOWS\System32\spoolsv.exe
14:41:34.0756 0x16e4  Spooler - ok
14:41:35.0146 0x16e4  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:41:35.0428 0x16e4  sppsvc - ok
14:41:35.0506 0x16e4  [ CA62440584866C8435AF39E70C8CDDDD, 8B4C6AF1CFD628632D20C17D4D64C70BA6609382E416007DE28E542C5E5C8798 ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
14:41:35.0537 0x16e4  srv - ok
14:41:35.0740 0x16e4  [ 9770D34D1DACA4A9C57D22D64A9E8E09, 386187918EA15CD13A394CC0C8A49E10ADCFD5E3D91279AA8D81FFFFF13DD700 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:41:35.0834 0x16e4  srv2 - ok
14:41:35.0849 0x16e4  [ B15C5053F127BE389F3980620D475EB0, 3EA6EFE61D09DB4F648CC3959F2880C373EB1D0FD603B7C2E67EC09D35283EE4 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:41:35.0896 0x16e4  srvnet - ok
14:41:35.0928 0x16e4  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
14:41:35.0960 0x16e4  SSDPSRV - ok
14:41:35.0992 0x16e4  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
14:41:36.0023 0x16e4  SstpSvc - ok
14:41:36.0039 0x16e4  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:41:36.0039 0x16e4  stexstor - ok
14:41:36.0070 0x16e4  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:41:36.0102 0x16e4  stisvc - ok
14:41:36.0133 0x16e4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:41:36.0133 0x16e4  storahci - ok
14:41:36.0164 0x16e4  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
14:41:36.0164 0x16e4  storflt - ok
14:41:36.0180 0x16e4  [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:41:36.0195 0x16e4  stornvme - ok
14:41:36.0211 0x16e4  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
14:41:36.0242 0x16e4  StorSvc - ok
14:41:36.0258 0x16e4  [ 26F9B63705BFA9640D53FBD141041865, BBADADE6EAB71CC0B96D327E0C94BE696249003CF66E8E264BAF6716F54C545F ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
14:41:36.0289 0x16e4  storvsc - ok
14:41:36.0305 0x16e4  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc          C:\WINDOWS\system32\svsvc.dll
14:41:36.0336 0x16e4  svsvc - ok
14:41:36.0352 0x16e4  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
14:41:36.0352 0x16e4  swenum - ok
14:41:36.0383 0x16e4  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv          C:\WINDOWS\System32\swprv.dll
14:41:36.0414 0x16e4  swprv - ok
14:41:36.0430 0x16e4  [ A2BA4E39BD5794202EDB5B071B9AFD43, EE24B7DFB1CBF50E26F399F85760D80F6675DDE30CEC85789BCB56F3DC9D54D1 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:41:36.0445 0x16e4  Synth3dVsc - ok
14:41:36.0508 0x16e4  [ 0404A539EC3D731EE42632AAFFF0666A, 5558B96C9A425ADEC69A020E0FEDB6D7562A60E403A2ECDCE58CAF2CA155549F ] SysMain        C:\WINDOWS\system32\sysmain.dll
14:41:36.0586 0x16e4  SysMain - ok
14:41:36.0633 0x16e4  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:41:36.0664 0x16e4  SystemEventsBroker - ok
14:41:36.0664 0x16e4  [ 54A1F83B166F1062000A0D816CB3B43A, 8A104B2141546984CFB988CC178EB1910F6B42A19CB75A30F4E74D5EE67901EB ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:41:36.0695 0x16e4  TabletInputService - ok
14:41:36.0711 0x16e4  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
14:41:36.0742 0x16e4  TapiSrv - ok
14:41:36.0820 0x16e4  [ 12D04D8C02F16D8D7346A494E524507D, C308B26CB90052E078A3EEAF5B76D2A88708ED14E2705A492AEAE16CB18BD189 ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
14:41:36.0898 0x16e4  Tcpip - ok
14:41:37.0180 0x16e4  [ 12D04D8C02F16D8D7346A494E524507D, C308B26CB90052E078A3EEAF5B76D2A88708ED14E2705A492AEAE16CB18BD189 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:41:37.0242 0x16e4  TCPIP6 - ok
14:41:37.0273 0x16e4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:41:37.0320 0x16e4  tcpipreg - ok
14:41:37.0336 0x16e4  [ 576FA545FAB846B06E79B324160DE25C, 14F1FD2769E7F5362E6452CA061564EF3DEBFDF6BC8EFF0CD4E22068A460A727 ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
14:41:37.0367 0x16e4  tdx - ok
14:41:37.0961 0x16e4  [ 7139743C088045BA6BE0B7CCE6FA2D8F, 5FE20C650DB8E9BFB9A4F43C56CE981239437A52B7BE906398A61D11A6847478 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:41:40.0428 0x16e4  TeamViewer - ok
14:41:40.0459 0x16e4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:41:40.0475 0x16e4  terminpt - ok
14:41:40.0521 0x16e4  [ 680396E9E1FA365C80CA470BEB7CEECF, C51E5E5EAD08E2CED701464C4030DD161877F9A291BC8BF12AF7A0358DCA1886 ] TermService    C:\WINDOWS\System32\termsrv.dll
14:41:40.0568 0x16e4  TermService - ok
14:41:40.0584 0x16e4  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
14:41:40.0600 0x16e4  Themes - ok
14:41:40.0600 0x16e4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER    C:\WINDOWS\system32\mmcss.dll
14:41:40.0615 0x16e4  THREADORDER - ok
14:41:40.0631 0x16e4  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
14:41:40.0646 0x16e4  TimeBroker - ok
14:41:40.0678 0x16e4  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM            C:\WINDOWS\system32\drivers\tpm.sys
14:41:40.0693 0x16e4  TPM - ok
14:41:40.0740 0x16e4  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:41:40.0756 0x16e4  TrkWks - ok
14:41:40.0787 0x16e4  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:41:40.0818 0x16e4  TrustedInstaller - ok
14:41:40.0834 0x16e4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
14:41:40.0850 0x16e4  TsUsbFlt - ok
14:41:40.0881 0x16e4  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:41:40.0896 0x16e4  TsUsbGD - ok
14:41:40.0896 0x16e4  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
14:41:40.0912 0x16e4  tunnel - ok
14:41:40.0928 0x16e4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
14:41:40.0943 0x16e4  uagp35 - ok
14:41:40.0959 0x16e4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:41:40.0975 0x16e4  UASPStor - ok
14:41:41.0006 0x16e4  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
14:41:41.0021 0x16e4  UCX01000 - ok
14:41:41.0058 0x16e4  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:41:41.0100 0x16e4  udfs - ok
14:41:41.0116 0x16e4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:41:41.0131 0x16e4  UEFI - ok
14:41:41.0147 0x16e4  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
14:41:41.0203 0x16e4  UI0Detect - ok
14:41:41.0216 0x16e4  [ 4EF2D1DCFFC75ADFFFDD471BD9EBEDCC, 9B47DB34537B08D2F934C5FA0503B3441F718F0F8CEDF2483F77C684BD2D63E5 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
14:41:41.0237 0x16e4  uliagpkx - ok
14:41:41.0253 0x16e4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
14:41:41.0268 0x16e4  umbus - ok
14:41:41.0268 0x16e4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:41:41.0299 0x16e4  UmPass - ok
14:41:41.0346 0x16e4  [ 87743CF5FF2FB3F2B424F0D8DFF8FD8C, C14C979612426D4449274C109FCF25D3BE170DC5CD7EF8E230C7E8D5681904D3 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:41:41.0411 0x16e4  UmRdpService - ok
14:41:41.0427 0x16e4  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:41:41.0443 0x16e4  upnphost - ok
14:41:41.0490 0x16e4  [ 621317D14B93CBFBD5694767EFB6B40A, 84D3F4AA2CAFA11DF5EAD178889ACCAA2FF50D48AFE9518F63FBB862928630FB ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
14:41:41.0552 0x16e4  usbccgp - ok
14:41:41.0568 0x16e4  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:41:41.0599 0x16e4  usbcir - ok
14:41:41.0615 0x16e4  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
14:41:41.0661 0x16e4  usbehci - ok
14:41:41.0708 0x16e4  [ E30B159760053C5A1297D2CD08046CD7, E45472CEEC31616DBE2B38C4FD9B90179ED7FF29041F21FB124334B4A53AE48C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:41:41.0771 0x16e4  usbhub - ok
14:41:41.0802 0x16e4  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
14:41:41.0849 0x16e4  USBHUB3 - ok
14:41:41.0865 0x16e4  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
14:41:41.0911 0x16e4  usbohci - ok
14:41:41.0927 0x16e4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:41:41.0974 0x16e4  usbprint - ok
14:41:41.0974 0x16e4  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan        C:\WINDOWS\System32\drivers\usbscan.sys
14:41:42.0021 0x16e4  usbscan - ok
14:41:42.0036 0x16e4  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:41:42.0068 0x16e4  USBSTOR - ok
14:41:42.0083 0x16e4  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
14:41:42.0115 0x16e4  usbuhci - ok
14:41:42.0146 0x16e4  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:41:42.0161 0x16e4  USBXHCI - ok
14:41:42.0161 0x16e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:41:42.0177 0x16e4  VaultSvc - ok
14:41:42.0193 0x16e4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:41:42.0208 0x16e4  vdrvroot - ok
14:41:42.0255 0x16e4  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds            C:\WINDOWS\System32\vds.exe
14:41:42.0302 0x16e4  vds - ok
14:41:42.0349 0x16e4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
14:41:42.0365 0x16e4  VerifierExt - ok
14:41:42.0396 0x16e4  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
14:41:42.0458 0x16e4  vhdmp - ok
14:41:42.0474 0x16e4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
14:41:42.0490 0x16e4  viaide - ok
14:41:42.0505 0x16e4  [ 0312DCB72628E57C6F0FA087295F25B8, 7DF309934FB9A4342E073E52EE136F1953BDBA0E1255E0208E7AF249A08A1D51 ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
14:41:42.0536 0x16e4  vmbus - ok
14:41:42.0536 0x16e4  [ 4A2F3A12A67BF9D4BCF2EFBADD801BA9, 130DD728DDD264E136833E250471201AACAD3C6E567AC6D8AAB7868720E01115 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:41:42.0615 0x16e4  VMBusHID - ok
14:41:42.0630 0x16e4  [ 73E50D3FEBA752FD9D3CBDEFF765C9CD, DB30DB8BA18582E4DC0DE560E51943B51E74294EA6C52E564641F1C734E38482 ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
14:41:42.0677 0x16e4  vmbusr - ok
14:41:42.0708 0x16e4  [ AD15850D7F16D8D9E178D225E2B166BE, 47770C6FF9D028C41A4022622ADAC3B22E0ECABECD00D18F830F5204D89194AA ] VMC412          C:\WINDOWS\System32\Drivers\VMC412.sys
14:41:42.0802 0x16e4  VMC412 - ok
14:41:42.0849 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:41:42.0911 0x16e4  vmicguestinterface - ok
14:41:42.0927 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmicheartbeat  C:\WINDOWS\System32\ICSvc.dll
14:41:42.0943 0x16e4  vmicheartbeat - ok
14:41:42.0974 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:41:43.0005 0x16e4  vmickvpexchange - ok
14:41:43.0130 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmicrdv        C:\WINDOWS\System32\ICSvc.dll
14:41:43.0208 0x16e4  vmicrdv - ok
14:41:43.0240 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
14:41:43.0271 0x16e4  vmicshutdown - ok
14:41:43.0318 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
14:41:43.0349 0x16e4  vmictimesync - ok
14:41:43.0365 0x16e4  [ F40F49AF154CCD772112F808FF59B365, 09999190CA17AF202FAE7466F60D35B2AF2A0E8603319171BE200B93A1314DA2 ] vmicvss        C:\WINDOWS\System32\ICSvc.dll
14:41:43.0380 0x16e4  vmicvss - ok
14:41:43.0427 0x16e4  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:41:43.0443 0x16e4  volmgr - ok
14:41:43.0474 0x16e4  [ 7DD4EAE2E680948D9AFF3E1B5234C1D3, 7B893CEF2B72458F5C716C811A24E4A8856E12E2AC9F551606A64B59C9DCF272 ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
14:41:43.0521 0x16e4  volmgrx - ok
14:41:43.0552 0x16e4  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
14:41:43.0615 0x16e4  volsnap - ok
14:41:43.0630 0x16e4  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:41:43.0646 0x16e4  vpci - ok
14:41:43.0661 0x16e4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
14:41:43.0677 0x16e4  vsmraid - ok
14:41:43.0724 0x16e4  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS            C:\WINDOWS\system32\vssvc.exe
14:41:43.0786 0x16e4  VSS - ok
14:41:43.0849 0x16e4  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:41:43.0880 0x16e4  VSTXRAID - ok
14:41:43.0880 0x16e4  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:41:43.0958 0x16e4  vwifibus - ok
14:41:43.0974 0x16e4  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
14:41:44.0036 0x16e4  vwififlt - ok
14:41:44.0052 0x16e4  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp        C:\WINDOWS\system32\DRIVERS\vwifimp.sys
14:41:44.0099 0x16e4  vwifimp - ok
14:41:44.0130 0x16e4  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time        C:\WINDOWS\system32\w32time.dll
14:41:44.0193 0x16e4  W32Time - ok
14:41:44.0208 0x16e4  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:41:44.0208 0x16e4  WacomPen - ok
14:41:44.0240 0x16e4  [ FCAFB80B6BB215E908EA1E9F598FEBCB, 9DCF4EE49AAD1E23F904FECDCEECDE3879D61B648DCF675CB5C3B52B779BC802 ] WANARP          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:41:44.0271 0x16e4  WANARP - ok
14:41:44.0286 0x16e4  [ FCAFB80B6BB215E908EA1E9F598FEBCB, 9DCF4EE49AAD1E23F904FECDCEECDE3879D61B648DCF675CB5C3B52B779BC802 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:41:44.0286 0x16e4  Wanarpv6 - ok
14:41:44.0349 0x16e4  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:41:44.0443 0x16e4  wbengine - ok
14:41:44.0458 0x16e4  [ EA5B116BC4819060F5B5003EA16EAA93, 4FCA2DA4AF523A8B50C673B694E40C46D6883009E66E1555F0E646B337EB6A96 ] WBHWDOCT        C:\Program Files\Lenovo\Alpha\WBHWDOCT64.SYS
14:41:44.0474 0x16e4  WBHWDOCT - ok
14:41:44.0490 0x16e4  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:41:44.0536 0x16e4  WbioSrvc - ok
14:41:44.0552 0x16e4  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:41:44.0568 0x16e4  Wcmsvc - ok
14:41:44.0599 0x16e4  [ A7F2B008F038EFFED5A847029852BC27, EC6C6DEC559AA0DD4307F87880939A84A4CFB13C73C92C444E9B53EBBDE80F79 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
14:41:44.0630 0x16e4  wcncsvc - ok
14:41:44.0646 0x16e4  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:41:44.0771 0x16e4  WcsPlugInService - ok
14:41:44.0786 0x16e4  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:41:44.0833 0x16e4  WdBoot - ok
14:41:44.0865 0x16e4  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:41:44.0896 0x16e4  Wdf01000 - ok
14:41:44.0911 0x16e4  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:41:44.0943 0x16e4  WdFilter - ok
14:41:44.0958 0x16e4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:41:44.0974 0x16e4  WdiServiceHost - ok
14:41:44.0974 0x16e4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
14:41:44.0990 0x16e4  WdiSystemHost - ok
14:41:45.0021 0x16e4  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:41:45.0036 0x16e4  WdNisDrv - ok
14:41:45.0036 0x16e4  WdNisSvc - ok
14:41:45.0068 0x16e4  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient      C:\WINDOWS\System32\webclnt.dll
14:41:45.0115 0x16e4  WebClient - ok
14:41:45.0146 0x16e4  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
14:41:45.0161 0x16e4  Wecsvc - ok
14:41:45.0193 0x16e4  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
14:41:45.0208 0x16e4  WEPHOSTSVC - ok
14:41:45.0224 0x16e4  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
14:41:45.0255 0x16e4  wercplsupport - ok
14:41:45.0255 0x16e4  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
14:41:45.0271 0x16e4  WerSvc - ok
14:41:45.0349 0x16e4  [ B3E08E32BD082100928C6BA18AE5E526, 1D93EB34B5A6DE9CEF3A0F41C346E2172CA43A3EEDD9230CB24DB1AC6F1974DF ] WFPLWFS        C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
14:41:45.0411 0x16e4  WFPLWFS - ok
14:41:45.0427 0x16e4  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
14:41:45.0443 0x16e4  WiaRpc - ok
14:41:45.0458 0x16e4  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
14:41:45.0458 0x16e4  WIMMount - ok
14:41:45.0474 0x16e4  WinDefend - ok
14:41:45.0552 0x16e4  [ A083D80E73C2186C63A973971BD6E76D, 921BF84860F75FBDC841789B88E7C2835ADAB3DDCE7E7A7E61DE23D3376CAF96 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:41:45.0599 0x16e4  WinHttpAutoProxySvc - ok
14:41:45.0615 0x16e4  [ 66C365B542195C1F6E2FF4A7D8F3827C, FB43A64453283D1B236AFF73F010B8F6106B971047313B9B4EBE925C4DD325A2 ] WinI2C-DDC      C:\WINDOWS\system32\drivers\DDCDrv.sys
14:41:45.0630 0x16e4  WinI2C-DDC - ok
14:41:45.0693 0x16e4  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
14:41:45.0708 0x16e4  Winmgmt - ok
14:41:45.0896 0x16e4  [ F2F8EA11CF2464476E2CBE9BDF2C9776, E5EF31A42CA0D02CD5C6539A92E429AF5CD58F580B35716EAD03B6A5148442BF ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
14:41:46.0005 0x16e4  WinRM - ok
14:41:46.0036 0x16e4  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
14:41:46.0130 0x16e4  WinUsb - ok
14:41:46.0177 0x16e4  [ 2A4A54CB5198AEF84DF56560C679EDD9, 829BED307F9E57EEC38CEF91978034CC6846493AE33E51E76A1AC36EB5B1F197 ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
14:41:46.0224 0x16e4  WlanSvc - ok
14:41:46.0271 0x16e4  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
14:41:46.0318 0x16e4  wlidsvc - ok
14:41:46.0349 0x16e4  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
14:41:46.0349 0x16e4  WmiAcpi - ok
14:41:46.0365 0x16e4  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:41:46.0380 0x16e4  wmiApSrv - ok
14:41:46.0396 0x16e4  WMPNetworkSvc - ok
14:41:46.0411 0x16e4  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
14:41:46.0427 0x16e4  Wof - ok
14:41:46.0490 0x16e4  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
14:41:46.0693 0x16e4  workfolderssvc - ok
14:41:46.0708 0x16e4  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:41:46.0708 0x16e4  wpcfltr - ok
14:41:46.0724 0x16e4  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
14:41:46.0740 0x16e4  WPCSvc - ok
14:41:46.0771 0x16e4  [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
14:41:46.0818 0x16e4  WPDBusEnum - ok
14:41:46.0833 0x16e4  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:41:46.0833 0x16e4  WpdUpFltr - ok
14:41:46.0865 0x16e4  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:41:46.0880 0x16e4  ws2ifsl - ok
14:41:46.0911 0x16e4  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:41:46.0927 0x16e4  wscsvc - ok
14:41:46.0927 0x16e4  WSearch - ok
14:41:47.0068 0x16e4  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService      C:\WINDOWS\System32\WSService.dll
14:41:47.0177 0x16e4  WSService - ok
14:41:47.0208 0x16e4  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
14:41:47.0240 0x16e4  wsvd - ok
14:41:47.0349 0x16e4  [ 4B93BC39257006A7330D71907C74E319, D0EE6F28741037D6A868AA7212C42BAD1C0979E13FE3B68D625C7AC7514F0067 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:41:47.0552 0x16e4  wuauserv - ok
14:41:47.0599 0x16e4  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:41:47.0615 0x16e4  WudfPf - ok
14:41:47.0630 0x16e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
14:41:47.0646 0x16e4  WUDFRd - ok
14:41:47.0661 0x16e4  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
14:41:47.0693 0x16e4  wudfsvc - ok
14:41:47.0708 0x16e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:41:47.0708 0x16e4  WUDFWpdFs - ok
14:41:47.0724 0x16e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:41:47.0740 0x16e4  WUDFWpdMtp - ok
14:41:47.0802 0x16e4  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
14:41:47.0833 0x16e4  WwanSvc - ok
14:41:47.0880 0x16e4  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
14:41:49.0474 0x16e4  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:41:49.0568 0x16e4  Detect skipped due to KSN trusted
14:41:49.0568 0x16e4  ZAtheros Bt and Wlan Coex Agent - ok
14:41:49.0568 0x16e4  ================ Scan global ===============================
14:41:49.0615 0x16e4  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
14:41:49.0630 0x16e4  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
14:41:49.0646 0x16e4  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
14:41:49.0677 0x16e4  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
14:41:49.0693 0x16e4  [ Global ] - ok
14:41:49.0693 0x16e4  ================ Scan MBR ==================================
14:41:49.0708 0x16e4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:41:49.0802 0x16e4  \Device\Harddisk0\DR0 - ok
14:41:49.0818 0x16e4  ================ Scan VBR ==================================
14:41:49.0833 0x16e4  [ 07B2C29215AEF15224A83DA777483F66 ] \Device\Harddisk0\DR0\Partition1
14:41:49.0833 0x16e4  \Device\Harddisk0\DR0\Partition1 - ok
14:41:49.0849 0x16e4  [ 486433BA8AA1A540DD212D9075903299 ] \Device\Harddisk0\DR0\Partition2
14:41:49.0849 0x16e4  \Device\Harddisk0\DR0\Partition2 - ok
14:41:49.0865 0x16e4  [ F1F28013A8D4D924C7FB91329E097335 ] \Device\Harddisk0\DR0\Partition3
14:41:49.0865 0x16e4  \Device\Harddisk0\DR0\Partition3 - ok
14:41:49.0880 0x16e4  [ 9C0C036CE7F51C3EF02D635FEF482980 ] \Device\Harddisk0\DR0\Partition4
14:41:49.0880 0x16e4  \Device\Harddisk0\DR0\Partition4 - ok
14:41:49.0880 0x16e4  [ 9B98DD9FEF5830B80628C44ACF6870C0 ] \Device\Harddisk0\DR0\Partition5
14:41:49.0880 0x16e4  \Device\Harddisk0\DR0\Partition5 - ok
14:41:49.0896 0x16e4  [ A1B651C130B3D870A7490C00F1A60D2F ] \Device\Harddisk0\DR0\Partition6
14:41:49.0911 0x16e4  \Device\Harddisk0\DR0\Partition6 - ok
14:41:49.0927 0x16e4  [ ACCBAEB5C2EB98080EA9437595F90E08 ] \Device\Harddisk0\DR0\Partition7
14:41:49.0927 0x16e4  \Device\Harddisk0\DR0\Partition7 - ok
14:41:49.0943 0x16e4  [ 5E0B3B038750CC9C4433CEF9A59E04F6 ] \Device\Harddisk0\DR0\Partition8
14:41:49.0943 0x16e4  \Device\Harddisk0\DR0\Partition8 - ok
14:41:49.0943 0x16e4  [ DCE8CC80D599A0372408F4AAC6314170 ] \Device\Harddisk0\DR0\Partition9
14:41:49.0943 0x16e4  \Device\Harddisk0\DR0\Partition9 - ok
14:41:49.0958 0x16e4  [ 83F0AC5796CBA4524ACC3310021F4A7F ] \Device\Harddisk0\DR0\Partition10
14:41:49.0974 0x16e4  \Device\Harddisk0\DR0\Partition10 - ok
14:41:49.0974 0x16e4  ================ Scan generic autorun ======================
14:41:50.0521 0x16e4  [ 98E1071BF414F3BF9B064DB4B0BE8BE2, 5123E9303E94012614DCC9D4518BF29C81A379C7394D000930F250646B3A6A37 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:41:50.0802 0x16e4  RtHDVCpl - ok
14:41:50.0943 0x16e4  [ 538A8F4ECD7C25FC4826D758F7189178, 4DFA15B0282830D91E8F22D4637A3FD68D917B04FB1FE3F6E131CDC6A8D45983 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:41:50.0974 0x16e4  RtHDVBg_Dolby - ok
14:41:51.0052 0x16e4  [ 4503FA7E89950178CAD1B635B501640D, E607913AE096DB1E07B9FE1003DF9F9E294FC512F6CD3DEE8D0FB9851491BA37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
14:41:51.0052 0x16e4  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
14:41:51.0162 0x16e4  Detect skipped due to KSN trusted
14:41:51.0162 0x16e4  IAStorIcon - ok
14:41:51.0208 0x16e4  [ 75FBFC49CE8A7EF087AB450145C093C1, 9682D832BFA8054D32A6C977CE3EF2B376EDDCBD9D722703029690203EA0061F ] C:\WINDOWS\system32\igfxtray.exe
14:41:51.0224 0x16e4  IgfxTray - ok
14:41:51.0255 0x16e4  [ 72B4FA18F38AA2E77C6B10DE6A3D8A65, 40DCFA447D5D6D190F4486F23009C7CBEF1472D712A8C29FEBE8B9EAA54D03A8 ] C:\Program Files\Lenovo\Alpha\WatcherService.exe
14:41:51.0271 0x16e4  AlphaShell - ok
14:41:51.0271 0x16e4  WindowsDefender - ok
14:41:51.0536 0x16e4  [ 0F264947311F05FA26EE574ABAA56E44, F1F4A3B1AEE46FEAF41EC95519730B74451D7DAA299481ECC725195BFC218447 ] C:\Program Files\McAfee\Real Protect\RealProtect.exe
14:41:51.0740 0x16e4  RealProtect - ok
14:41:51.0818 0x16e4  [ 7872A3E17E035C5CEE8FAAF0980DCC2D, F98C6BD48B4C0F30FCF9A36B5465C930612C0742305DA168C0F936D1AD515023 ] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
14:41:51.0896 0x16e4  Lenovo Silver Silk Wireless Keyboard - detected UnsignedFile.Multi.Generic ( 1 )
14:41:52.0287 0x16e4  Detect skipped due to KSN trusted
14:41:52.0302 0x16e4  Lenovo Silver Silk Wireless Keyboard - ok
14:41:52.0349 0x16e4  [ 50299DBA20F8A1735830914777B55932, 7A8864A9FA81BF6C53797B7B8FCC2199B812A7E913D35387A0C5C63C170BAC02 ] C:\Program Files\Lenovo\LVT\LJYZ.exe
14:41:52.0365 0x16e4  LVT - ok
14:41:52.0380 0x16e4  [ 49CD8D25D932C5BF867EBFF00D432B75, D107F7736AC8D43CE93ABDE1A8038D8FE87779F25F41B3FD1E942DF439581236 ] C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe
14:41:52.0396 0x16e4  Lenovo App Shop - ok
14:41:52.0412 0x16e4  [ A1741C3B79F9DF8895E05EF43579E74B, 446094FDBA93518ABE1CDEC50E24AB60BC7CA78022A289AF5C21461778FD8001 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
14:41:52.0412 0x16e4  YouCam Mirage - ok
14:41:52.0427 0x16e4  [ 987AE08A6BDEBF77D3E20B09EC4CF8A2, 27365247D990595BF17EAE23B4166BE1AFA629F9E0B6FE91914611F24C3B37CA ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
14:41:52.0443 0x16e4  YouCam Tray - ok
14:41:52.0505 0x16e4  [ 508CB348F6CBB482AABBD7FC8192A675, 8581B6FC664609F08AF252967EE0B220BE5389747F2C959CE5EB538F7EE8524A ] C:\Program Files\Lenovo\Lenovo Eye Distance System\RunLEDS.exe
14:41:52.0552 0x16e4  Lenovo Eye Distance System - ok
14:41:52.0599 0x16e4  [ 269E4E0E2A3E0F891AE1C492299E4519, 510A2A9FD807F225B16F4DE8F8BC9E58E395230A40B4F377466DE655D95B86D3 ] C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe
14:41:52.0662 0x16e4  AvgUi - ok
14:41:52.0958 0x16e4  [ C93422F5E7A2FB8A6C167EC0A25B3A40, FB3D9B6274A86EB956F981AFF05F1F078C5CD331BA310AC81B9D9142AB2A303A ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
14:41:53.0099 0x16e4  Dropbox - ok
14:41:53.0146 0x16e4  [ 7021BCD337B4A88CF3A63AA4F0C5D05D, BBAE4E28F58F5DFD5A7737676E004CEAB67FDC5EE56BE9A467F94ADEB4DBDDDA ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:41:53.0177 0x16e4  SunJavaUpdateSched - ok
14:41:53.0255 0x16e4  [ D536CCCE2A7992688DB76941506EA970, 784BE3D82F86DBBAB1ECFED093ABD0CA78DA8C3F35420F3D08BABDCC3CAAD083 ] C:\WINDOWS\SysWOW64\wscript.exe
14:41:53.0302 0x16e4  Kenudedul - ok
14:41:53.0302 0x16e4  Waiting for KSN requests completion. In queue: 173
14:41:54.0365 0x16e4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x61100 ( enabled : updated )
14:41:54.0365 0x16e4  Win FW state via NFP2: enabled ( trusted )
14:41:54.0490 0x16e4  ============================================================
14:41:54.0490 0x16e4  Scan finished
14:41:54.0490 0x16e4  ============================================================
14:41:54.0490 0x0d94  Detected object count: 0
14:41:54.0490 0x0d94  Actual detected object count: 0

cosinus 07.05.2018 14:06
Dann kann man schon mit ziemlicher Sicherheit sagen, dass hier Schädlinge nicht die Ursache sind. Wie ich am Anfang vermutet habe....aber mittlerweile wünschen sich ja viele mittlerweile regelrecht Schädlinge :balla:


Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!



adwCleaner v7.1

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel löschen
    • Prefetch-Dateien löschen
    • Proxy wiederherstellen
    • IE-Policies wiederherstellen
    • Chrome-Policies wiederherstellen
    • Winsock wiederherstellen
  • Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.
  • WICHTIG:
    Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
  • Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
  • Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

marosa 07.05.2018 14:28
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-02.2
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-07-2018
# Duration: 00:00:03
# OS:      Windows 8.1
# Cleaned:  15
# Failed:  0


***** [ Services ] *****

Deleted      rtop
Deleted      ByteFenceService

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted      C:\Windows\System32\Tasks\ByteFence

***** [ Registry ] *****

Deleted      HKU\S-1-5-18\Software\ByteFence
Deleted      HKU\.DEFAULT\Software\ByteFence
Deleted      HKLM\Software\ByteFence
Deleted      HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06DDCE35-4FDC-475F-867D-BA7767BD8E3D}
Deleted      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence
Deleted      HKLM\System\CurrentControlSet\Services\EventLog\Application\ByteFenceService
Deleted      HKCU\Software\csastats
Deleted      HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page
Deleted      HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted      HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Frage:
was für ein antivirus soll ich jetzt benutzen?

cosinus 07.05.2018 14:48
adwcleaner bitte zwecks Kontrolle wiederholen

marosa 07.05.2018 14:51
...sorry ich habe neulich etwas ziemlich falsch verstanden damit:

dein Zitat: Avast können wir einfach nicht mehr guten Gewissens empfehlen.
Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Ich habe verstanden wie du es meinst, AVG ist auch nicht gut und wird nicht von euch empfholen. Daher frage ich dich, welche antivirus soll ich benutzen?
Was heißt ASK?

Zitat:
Zitat von cosinus (Beitrag 1691620)
adwcleaner bitte zwecks Kontrolle wiederholen
okay, mache ich es gleich, mußte den pc ausmachen, ging wieder los mit der Maus

cosinus 07.05.2018 14:51
Es gab extra einen dickenfetten blauen Text nach der Deinstallationsauffroderung! Also bitte hör jetzt auf nachzufragen welches AV weil ich genau damit solche Zwischenfragen unterbinden will! :kloppen:

marosa 07.05.2018 15:02
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-02.2
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-07-2018
# Duration: 00:00:01
# OS:      Windows 8.1
# Cleaned:  0
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

cosinus 07.05.2018 15:03
Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

marosa 07.05.2018 15:11
Zitat:
Zitat von cosinus (Beitrag 1691623)
Es gab extra einen dickenfetten blauen Text nach der Deinstallationsauffroderung! Also bitte hör jetzt auf nachzufragen welches AV weil ich genau damit solche Zwischenfragen unterbinden will! :kloppen:
Tut mir echt leid, ich möchte dich nicht ärgern. Ich bin leider nicht so ein profi, daher ist es manchmal für leihe nicht einfach alles zu verstehen. Ich mache mir einfach sorgen das der pc sich viren einfängt... und bin sehr verunsichert, und weiss nicht was ich jetzt tun soll um den pc zu schützen. Sorry. Ich danke dir für deine Hilfe.

cosinus 07.05.2018 15:15
Gerade dann musst du meine Instruktionen und Hinweise alle komplett und richtig lesen...


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:48 Uhr.
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27