| |
| |||||||
Log-Analyse und Auswertung: Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.08.2018, 13:48
| #16 |
 |  Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter 14:03:37.0222 0x0f7c TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
14:03:40.0737 0x0f7c ============================================================
14:03:40.0737 0x0f7c Current date / time: 2018/08/08 14:03:40.0737
14:03:40.0737 0x0f7c SystemInfo:
14:03:40.0737 0x0f7c
14:03:40.0737 0x0f7c OS Version: 10.0.17134 ServicePack: 0.0
14:03:40.0737 0x0f7c Product type: Workstation
14:03:40.0737 0x0f7c ComputerName: MARENS-PC
14:03:40.0737 0x0f7c UserName: Maren
14:03:40.0737 0x0f7c Windows directory: C:\WINDOWS
14:03:40.0737 0x0f7c System windows directory: C:\WINDOWS
14:03:40.0737 0x0f7c Running under WOW64
14:03:40.0737 0x0f7c Processor architecture: Intel x64
14:03:40.0737 0x0f7c Number of processors: 4
14:03:40.0737 0x0f7c Page size: 0x1000
14:03:40.0737 0x0f7c Boot type: Normal boot
14:03:40.0737 0x0f7c CodeIntegrityOptions = 0x00000201
14:03:40.0737 0x0f7c ============================================================
14:03:40.0768 0x0f7c KLMD registered as C:\WINDOWS\system32\drivers\84166870.sys
14:03:40.0768 0x0f7c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
14:03:40.0847 0x0f7c System UUID: {20F6B752-4751-F3C6-A3DF-F1F07952BDD4}
14:03:41.0034 0x0f7c Drive \Device\Harddisk0\DR0 - Size: 0x29EB906000 ( 167.68 Gb ), SectorSize: 0x200, Cylinders: 0x5581, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:03:41.0034 0x0f7c ============================================================
14:03:41.0034 0x0f7c \Device\Harddisk0\DR0:
14:03:41.0034 0x0f7c MBR partitions:
14:03:41.0034 0x0f7c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
14:03:41.0034 0x0f7c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x11E05000
14:03:41.0034 0x0f7c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x120F3800, BlocksNum 0x2068800
14:03:41.0034 0x0f7c ============================================================
14:03:41.0050 0x0f7c C: <-> \Device\Harddisk0\DR0\Partition2
14:03:41.0050 0x0f7c Q: <-> \Device\Harddisk0\DR0\Partition3
14:03:41.0050 0x0f7c ============================================================
14:03:41.0050 0x0f7c Initialize success
14:03:41.0050 0x0f7c ============================================================
14:03:42.0737 0x1c6c ============================================================
14:03:42.0737 0x1c6c Scan started
14:03:42.0737 0x1c6c Mode: Manual;
14:03:42.0737 0x1c6c ============================================================
14:03:42.0737 0x1c6c KSN ping started
14:03:42.0800 0x1c6c KSN ping finished: true
14:03:43.0284 0x1c6c ================ Scan system memory ========================
14:03:43.0284 0x1c6c System memory - ok
14:03:43.0284 0x1c6c ================ Scan services =============================
14:03:43.0331 0x1c6c 1394ohci - ok
14:03:43.0331 0x1c6c 3ware - ok
14:03:43.0331 0x1c6c ACPI - ok
14:03:43.0346 0x1c6c AcpiDev - ok
14:03:43.0346 0x1c6c acpiex - ok
14:03:43.0346 0x1c6c acpipagr - ok
14:03:43.0346 0x1c6c [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
14:03:43.0346 0x1c6c AcpiPmi - ok
14:03:43.0362 0x1c6c acpitime - ok
14:03:43.0378 0x1c6c [ 429052DAECD6BF6CCD462B22858B3D2A, 40F3EDE23332CCBEE8A637D099B71C0F41D328B864C8D3A7EA672E58B8069E06 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
14:03:43.0378 0x1c6c acsock - ok
14:03:43.0378 0x1c6c ADP80XX - ok
14:03:43.0393 0x1c6c AFD - ok
14:03:43.0393 0x1c6c [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
14:03:43.0393 0x1c6c afunix - ok
14:03:43.0409 0x1c6c [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:03:43.0409 0x1c6c ahcache - ok
14:03:43.0409 0x1c6c [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
14:03:43.0409 0x1c6c AJRouter - ok
14:03:43.0424 0x1c6c [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe
14:03:43.0424 0x1c6c ALG - ok
14:03:43.0424 0x1c6c AmdK8 - ok
14:03:43.0424 0x1c6c AmdPPM - ok
14:03:43.0424 0x1c6c amdsata - ok
14:03:43.0440 0x1c6c amdsbs - ok
14:03:43.0440 0x1c6c amdxata - ok
14:03:43.0440 0x1c6c [ 2CCB04097E143C7F82333863343C838C, E6A79EDDF03317BEF9B25C9FA658DF6A588DC06A9AF66338ADE31D5D29E4FB3C ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
14:03:43.0456 0x1c6c AppHostSvc - ok
14:03:43.0456 0x1c6c [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys
14:03:43.0456 0x1c6c AppID - ok
14:03:43.0471 0x1c6c [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
14:03:43.0471 0x1c6c AppIDSvc - ok
14:03:43.0471 0x1c6c [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll
14:03:43.0471 0x1c6c Appinfo - ok
14:03:43.0487 0x1c6c [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
14:03:43.0487 0x1c6c applockerfltr - ok
14:03:43.0487 0x1c6c [ 78548DB096DA7BA26BAA318FE9B0CEC1, 7B8D29C457B8677E3D4FAF0C070C373CD937E852BE28C1A8313E3E9448621E8D ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
14:03:43.0503 0x1c6c AppMgmt - ok
14:03:43.0503 0x1c6c AppReadiness - ok
14:03:43.0503 0x1c6c AppVClient - ok
14:03:43.0503 0x1c6c [ 5CD58F779237F533D5F30C294DA04C0E, 3CFEF499310AC6444369A06E604B6335D3329E1AB6E4EFBCD09BB7CA8440BB3E ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
14:03:43.0518 0x1c6c AppvStrm - ok
14:03:43.0518 0x1c6c [ A4354E3EF779E4CDC6C9D705FFBD3652, BBF11800EE6014E77C1BAA8FBFE8F551338420384E72C69579A0E8690B585D46 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
14:03:43.0518 0x1c6c AppvVemgr - ok
14:03:43.0534 0x1c6c [ 467021D15ED33D9B8CD313C7631A89B6, 18703DBB3EF3192EDFEC4A64B2BA49CBD7197B1B181C991397A2626171E22331 ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
14:03:43.0534 0x1c6c AppvVfs - ok
14:03:43.0534 0x1c6c AppXSvc - ok
14:03:43.0549 0x1c6c arcsas - ok
14:03:43.0549 0x1c6c [ 9EDC7F9BB19D3F12EB05437BD5687C8A, 182772D576C3C8A9CFDADE7F75A14DD0639C0DF5C3C345F158C2DE51708A2F76 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:03:43.0565 0x1c6c aspnet_state - ok
14:03:43.0581 0x1c6c [ 44EDBC9E6F5823D2F529113C26368A9E, DD8739523C24078B90E9B00C994C1A7793539E4C945A1F728828F48ACE608005 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
14:03:43.0581 0x1c6c AssignedAccessManagerSvc - ok
14:03:43.0581 0x1c6c AsyncMac - ok
14:03:43.0596 0x1c6c atapi - ok
14:03:43.0596 0x1c6c AudioEndpointBuilder - ok
14:03:43.0596 0x1c6c Audiosrv - ok
14:03:43.0612 0x1c6c [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
14:03:43.0612 0x1c6c AxInstSV - ok
14:03:43.0612 0x1c6c b06bdrv - ok
14:03:43.0612 0x1c6c [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys
14:03:43.0612 0x1c6c bam - ok
14:03:43.0628 0x1c6c BasicDisplay - ok
14:03:43.0628 0x1c6c BasicRender - ok
14:03:43.0628 0x1c6c BcastDVRUserService - ok
14:03:43.0643 0x1c6c bcmfn2 - ok
14:03:43.0659 0x1c6c [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
14:03:43.0659 0x1c6c BDESVC - ok
14:03:43.0659 0x1c6c [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:03:43.0659 0x1c6c Beep - ok
14:03:43.0674 0x1c6c BFE - ok
14:03:43.0674 0x1c6c [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
14:03:43.0674 0x1c6c bindflt - ok
14:03:43.0706 0x1c6c [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll
14:03:43.0737 0x1c6c BITS - ok
14:03:43.0753 0x1c6c [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
14:03:43.0753 0x1c6c BluetoothUserService - ok
14:03:43.0768 0x1c6c bowser - ok
14:03:43.0768 0x1c6c BrokerInfrastructure - ok
14:03:43.0768 0x1c6c [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser C:\WINDOWS\System32\browser.dll
14:03:43.0784 0x1c6c Browser - ok
14:03:43.0784 0x1c6c [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll
14:03:43.0799 0x1c6c BTAGService - ok
14:03:43.0815 0x1c6c [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
14:03:43.0815 0x1c6c BthAvctpSvc - ok
14:03:43.0831 0x1c6c [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:03:43.0831 0x1c6c BthEnum - ok
14:03:43.0831 0x1c6c [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
14:03:43.0846 0x1c6c BthHFEnum - ok
14:03:43.0846 0x1c6c [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
14:03:43.0846 0x1c6c BthLEEnum - ok
14:03:43.0862 0x1c6c [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
14:03:43.0862 0x1c6c BTHMODEM - ok
14:03:43.0862 0x1c6c [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
14:03:43.0862 0x1c6c BthPan - ok
14:03:43.0862 0x1c6c BTHPORT - ok
14:03:43.0878 0x1c6c [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll
14:03:43.0878 0x1c6c bthserv - ok
14:03:43.0893 0x1c6c [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
14:03:43.0893 0x1c6c BTHUSB - ok
14:03:43.0893 0x1c6c bttflt - ok
14:03:43.0893 0x1c6c buttonconverter - ok
14:03:43.0893 0x1c6c [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys
14:03:43.0909 0x1c6c CAD - ok
14:03:43.0909 0x1c6c camsvc - ok
14:03:43.0909 0x1c6c CapImg - ok
14:03:43.0924 0x1c6c [ 1200CA82E0D59510F69B6839540A76AA, A24E0098D279B04734558032A95EEBED0F20422AF8C62783E46FDEE0DA39F94E ] CaptureService C:\WINDOWS\System32\CaptureService.dll
14:03:43.0924 0x1c6c CaptureService - ok
14:03:43.0924 0x1c6c cdfs - ok
14:03:43.0940 0x1c6c [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
14:03:43.0956 0x1c6c CDPSvc - ok
14:03:43.0971 0x1c6c [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
14:03:43.0971 0x1c6c CDPUserSvc - ok
14:03:43.0987 0x1c6c cdrom - ok
14:03:43.0987 0x1c6c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
14:03:43.0987 0x1c6c CertPropSvc - ok
14:03:44.0003 0x1c6c cht4iscsi - ok
14:03:44.0003 0x1c6c cht4vbd - ok
14:03:44.0003 0x1c6c [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
14:03:44.0003 0x1c6c circlass - ok
14:03:44.0018 0x1c6c [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
14:03:44.0034 0x1c6c CldFlt - ok
14:03:44.0034 0x1c6c CLFS - ok
14:03:44.0190 0x1c6c [ 64536C6809869A967A7390CF2B588E05, AF1C8116014C108A8393A767FBA66CBF5E9AA836DC599D00B8F794460548254F ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
14:03:44.0331 0x1c6c ClickToRunSvc - ok
14:03:44.0362 0x1c6c [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
14:03:44.0378 0x1c6c ClipSVC - ok
14:03:44.0393 0x1c6c CmBatt - ok
14:03:44.0393 0x1c6c CNG - ok
14:03:44.0393 0x1c6c [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:03:44.0393 0x1c6c cnghwassist - ok
14:03:44.0409 0x1c6c [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
14:03:44.0409 0x1c6c CompositeBus - ok
14:03:44.0424 0x1c6c COMSysApp - ok
14:03:44.0424 0x1c6c condrv - ok
14:03:44.0424 0x1c6c CoreMessagingRegistrar - ok
14:03:44.0456 0x1c6c [ 6C9B2C4E3AA10A9209724A583373690B, E9F3E1B81B6C70848B334A3AE3D985F5A11C91898496D572F784DCF5EDA04A09 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:03:44.0456 0x1c6c cphs - ok
14:03:44.0471 0x1c6c CryptSvc - ok
14:03:44.0487 0x1c6c [ 87463F1AE447874675F1CBB55CBF7136, 83DB34BD3D9C335541B4A5552E51BB5388654C3B8EB06B28953859225BBF7B1D ] CSC C:\WINDOWS\system32\drivers\csc.sys
14:03:44.0487 0x1c6c CSC - ok
14:03:44.0503 0x1c6c [ E20EC7EA6EEF16B5780B459FBA86C521, 52CAAB13F1B1E99097E4996432943260417F519E6F4D232A0CFE0259C8BCAECF ] CscService C:\WINDOWS\System32\cscsvc.dll
14:03:44.0518 0x1c6c CscService - ok
14:03:44.0534 0x1c6c [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys
14:03:44.0534 0x1c6c dam - ok
14:03:44.0534 0x1c6c DcomLaunch - ok
14:03:44.0534 0x1c6c defragsvc - ok
14:03:44.0549 0x1c6c [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:03:44.0565 0x1c6c DeviceAssociationService - ok
14:03:44.0565 0x1c6c DeviceInstall - ok
14:03:44.0581 0x1c6c [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
14:03:44.0596 0x1c6c DevicePickerUserSvc - ok
14:03:44.0612 0x1c6c [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
14:03:44.0628 0x1c6c DevicesFlowUserSvc - ok
14:03:44.0628 0x1c6c [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
14:03:44.0628 0x1c6c DevQueryBroker - ok
14:03:44.0628 0x1c6c Dfsc - ok
14:03:44.0643 0x1c6c Dhcp - ok
14:03:44.0643 0x1c6c diagnosticshub.standardcollector.service - ok
14:03:44.0659 0x1c6c [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
14:03:44.0659 0x1c6c diagsvc - ok
14:03:44.0659 0x1c6c DiagTrack - ok
14:03:44.0659 0x1c6c Disk - ok
14:03:44.0674 0x1c6c DmEnrollmentSvc - ok
14:03:44.0674 0x1c6c dmvsc - ok
14:03:44.0674 0x1c6c [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:03:44.0674 0x1c6c dmwappushservice - ok
14:03:44.0690 0x1c6c Dnscache - ok
14:03:44.0690 0x1c6c [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
14:03:44.0706 0x1c6c dot3svc - ok
14:03:44.0706 0x1c6c [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll
14:03:44.0721 0x1c6c DPS - ok
14:03:44.0721 0x1c6c drmkaud - ok
14:03:44.0721 0x1c6c DsmSvc - ok
14:03:44.0721 0x1c6c DsSvc - ok
14:03:44.0737 0x1c6c [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
14:03:44.0737 0x1c6c DusmSvc - ok
14:03:44.0753 0x1c6c DXGKrnl - ok
14:03:44.0768 0x1c6c [ 4787BD0EED0E035EEA85625FB5F1F77E, B79E998CCC9D0D6D431645C87C7802AE90FE1A2522BD77EB16CDBF65F6F88507 ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d64x64.sys
14:03:44.0768 0x1c6c e1dexpress - ok
14:03:44.0768 0x1c6c Eaphost - ok
14:03:44.0768 0x1c6c ebdrv - ok
14:03:44.0784 0x1c6c EFS - ok
14:03:44.0784 0x1c6c EhStorClass - ok
14:03:44.0784 0x1c6c EhStorTcgDrv - ok
14:03:44.0799 0x1c6c [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
14:03:44.0799 0x1c6c embeddedmode - ok
14:03:44.0815 0x1c6c [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:03:44.0815 0x1c6c EntAppSvc - ok
14:03:44.0815 0x1c6c ErrDev - ok
14:03:44.0831 0x1c6c [ 082F9D1ADB6DF9E5DB30EB52A34FCF0A, DC62F2E7D81B4D3C266855A64A575563A31D894B19F23E841B6C8A552FAF81CC ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
14:03:44.0831 0x1c6c ESProtectionDriver - ok
14:03:44.0846 0x1c6c [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll
14:03:44.0862 0x1c6c EventSystem - ok
14:03:44.0862 0x1c6c exfat - ok
14:03:44.0862 0x1c6c fastfat - ok
14:03:44.0878 0x1c6c [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe
14:03:44.0893 0x1c6c Fax - ok
14:03:44.0893 0x1c6c fdc - ok
14:03:44.0909 0x1c6c [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
14:03:44.0909 0x1c6c fdPHost - ok
14:03:44.0909 0x1c6c [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
14:03:44.0909 0x1c6c FDResPub - ok
14:03:44.0924 0x1c6c [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
14:03:44.0924 0x1c6c fhsvc - ok
14:03:44.0924 0x1c6c [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
14:03:44.0924 0x1c6c FileCrypt - ok
14:03:44.0940 0x1c6c FileInfo - ok
14:03:44.0940 0x1c6c Filetrace - ok
14:03:44.0940 0x1c6c flpydisk - ok
14:03:44.0940 0x1c6c FltMgr - ok
14:03:44.0956 0x1c6c FontCache - ok
14:03:44.0956 0x1c6c FontCache3.0.0.0 - ok
14:03:44.0956 0x1c6c FrameServer - ok
14:03:44.0956 0x1c6c FsDepends - ok
14:03:44.0971 0x1c6c Fs_Rec - ok
14:03:44.0971 0x1c6c fvevol - ok
14:03:44.0971 0x1c6c [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
14:03:44.0971 0x1c6c gencounter - ok
14:03:44.0987 0x1c6c genericusbfn - ok
14:03:44.0987 0x1c6c GPIOClx0101 - ok
14:03:44.0987 0x1c6c gpsvc - ok
14:03:44.0987 0x1c6c [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:03:44.0987 0x1c6c GpuEnergyDrv - ok
14:03:45.0002 0x1c6c [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
14:03:45.0002 0x1c6c GraphicsPerfSvc - ok
14:03:45.0002 0x1c6c HDAudBus - ok
14:03:45.0002 0x1c6c HidBatt - ok
14:03:45.0018 0x1c6c [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
14:03:45.0018 0x1c6c HidBth - ok
14:03:45.0018 0x1c6c hidi2c - ok
14:03:45.0034 0x1c6c hidinterrupt - ok
14:03:45.0034 0x1c6c [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
14:03:45.0034 0x1c6c HidIr - ok
14:03:45.0034 0x1c6c hidserv - ok
14:03:45.0034 0x1c6c HidUsb - ok
14:03:45.0049 0x1c6c HpSAMD - ok
14:03:45.0049 0x1c6c HTTP - ok
14:03:45.0065 0x1c6c [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
14:03:45.0065 0x1c6c hvcrash - ok
14:03:45.0065 0x1c6c [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
14:03:45.0065 0x1c6c HvHost - ok
14:03:45.0081 0x1c6c [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
14:03:45.0081 0x1c6c hvservice - ok
14:03:45.0081 0x1c6c [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
14:03:45.0081 0x1c6c HwNClx0101 - ok
14:03:45.0081 0x1c6c hwpolicy - ok
14:03:45.0096 0x1c6c hyperkbd - ok
14:03:45.0096 0x1c6c HyperVideo - ok
14:03:45.0096 0x1c6c i8042prt - ok
14:03:45.0096 0x1c6c iagpio - ok
14:03:45.0112 0x1c6c iai2c - ok
14:03:45.0112 0x1c6c iaLPSS2i_GPIO2 - ok
14:03:45.0112 0x1c6c iaLPSS2i_GPIO2_BXT_P - ok
14:03:45.0112 0x1c6c iaLPSS2i_I2C - ok
14:03:45.0127 0x1c6c iaLPSS2i_I2C_BXT_P - ok
14:03:45.0127 0x1c6c iaLPSSi_GPIO - ok
14:03:45.0127 0x1c6c iaLPSSi_I2C - ok
14:03:45.0143 0x1c6c [ 8BE099617DA18FE085A40D47FC156B1B, A5F7AB41D32DF8A12F1945C263EE954CE15069C3CFD7131C74A8A3F4EC3AC122 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
14:03:45.0159 0x1c6c iaStorA - ok
14:03:45.0159 0x1c6c iaStorAVC - ok
14:03:45.0159 0x1c6c iaStorV - ok
14:03:45.0174 0x1c6c ibbus - ok
14:03:45.0174 0x1c6c [ DB706D75DADEA0ED1D939C3FC7508AF9, B3F6535422B6AFD83B9DAF661988293511BA33D8472D756232047F310E56B571 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
14:03:45.0174 0x1c6c IBMPMDRV - ok
14:03:45.0190 0x1c6c [ 9E60D9F0E66480EF6D3355BD1FD20127, 3D24F4CB628E362EA2A975D8DED9CD930974E885BA70E19E7EAC069EEB7CBC53 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
14:03:45.0190 0x1c6c IBMPMSVC - ok
14:03:45.0190 0x1c6c ibtsiva - ok
14:03:45.0206 0x1c6c [ EAD6C953C40FC06E8E56182D9C27C480, E1DF45FF871B0A777A37702A5EF2379164DDD646D294F4520379979B7BD23B3F ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
14:03:45.0206 0x1c6c ibtusb - ok
14:03:45.0206 0x1c6c [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll
14:03:45.0221 0x1c6c icssvc - ok
14:03:45.0377 0x1c6c [ F474A11DD1F5DFA3A37945DB495B2D01, 2F6DCEF674A9507C8FC37F0876C5F7AA70A55F3DE3A7D985BFC9E488D3A0EC8E ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:03:45.0487 0x1c6c igfx - ok
14:03:45.0518 0x1c6c [ 880C59EFB0042BE63F026FF3A468D968, 24244627C8F7374E7BA4F3868F19933D6AA7DD31AF1316520ACA0553FEEF5428 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:03:45.0518 0x1c6c igfxCUIService2.0.0.0 - ok
14:03:45.0534 0x1c6c IKEEXT - ok
14:03:45.0534 0x1c6c [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
14:03:45.0534 0x1c6c IndirectKmd - ok
14:03:45.0549 0x1c6c InstallService - ok
14:03:45.0627 0x1c6c [ 51B3BD768A5EE43A94E8B6B157F4F9E1, 90D87B91F144892FEF79CB140F95BDCD8DC8895FD87A3C9E00B14E0B0C4A3E91 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:03:45.0706 0x1c6c IntcAzAudAddService - ok
14:03:45.0721 0x1c6c [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:03:45.0737 0x1c6c IntcDAud - ok
14:03:45.0752 0x1c6c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:03:45.0768 0x1c6c Intel(R) Capability Licensing Service Interface - ok
14:03:45.0784 0x1c6c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:03:45.0799 0x1c6c Intel(R) Capability Licensing Service TCP IP Interface - ok
14:03:45.0799 0x1c6c intelide - ok
14:03:45.0799 0x1c6c [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
14:03:45.0815 0x1c6c intelpep - ok
14:03:45.0815 0x1c6c intelppm - ok
14:03:45.0815 0x1c6c [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
14:03:45.0815 0x1c6c iorate - ok
14:03:45.0831 0x1c6c [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:03:45.0831 0x1c6c IpFilterDriver - ok
14:03:45.0846 0x1c6c [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
14:03:45.0862 0x1c6c iphlpsvc - ok
14:03:45.0862 0x1c6c IPMIDRV - ok
14:03:45.0877 0x1c6c [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
14:03:45.0877 0x1c6c IPNAT - ok
14:03:45.0877 0x1c6c [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
14:03:45.0877 0x1c6c IPT - ok
14:03:45.0893 0x1c6c [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
14:03:45.0893 0x1c6c IpxlatCfgSvc - ok
14:03:45.0893 0x1c6c [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys
14:03:45.0909 0x1c6c irda - ok
14:03:45.0909 0x1c6c [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
14:03:45.0909 0x1c6c IRENUM - ok
14:03:45.0909 0x1c6c [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll
14:03:45.0909 0x1c6c irmon - ok
14:03:45.0924 0x1c6c isapnp - ok
14:03:45.0924 0x1c6c iScsiPrt - ok
14:03:45.0924 0x1c6c ItSas35i - ok
14:03:45.0940 0x1c6c [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
14:03:45.0940 0x1c6c iwdbus - ok
14:03:45.0940 0x1c6c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:03:45.0940 0x1c6c jhi_service - ok
14:03:45.0956 0x1c6c kbdclass - ok
14:03:45.0956 0x1c6c kbdhid - ok
14:03:45.0956 0x1c6c kdnic - ok
14:03:45.0956 0x1c6c KeyIso - ok
14:03:45.0971 0x1c6c KSecDD - ok
14:03:45.0971 0x1c6c KSecPkg - ok
14:03:45.0971 0x1c6c ksthunk - ok
14:03:45.0987 0x1c6c [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
14:03:46.0002 0x1c6c KtmRm - ok
14:03:46.0002 0x1c6c LanmanServer - ok
14:03:46.0002 0x1c6c LanmanWorkstation - ok
14:03:46.0018 0x1c6c [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
14:03:46.0034 0x1c6c Lenovo EasyPlus Hotspot - ok
14:03:46.0034 0x1c6c [ BB7F4D4160460511EAC00B97669D7052, F268B034708C26857D2C472871D65BFD74066B95ADCAC841E69E7BE91B9DE17F ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
14:03:46.0034 0x1c6c LENOVO.CAMMUTE - ok
14:03:46.0049 0x1c6c [ D5D33958026F3BC85ED4CDAA7090C083, 0D556266D1C0FEAC5F06A7B4B65B098F6A95D159CB3817CC314E331A3D5A9A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
14:03:46.0049 0x1c6c LENOVO.MICMUTE - ok
14:03:46.0049 0x1c6c [ E7ADA2310BD3E95E7B0647E650DA9E50, B3A5A406DF9A828A115653D32368B4C8D77532E5258844DD9EB107115FCBFB6F ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
14:03:46.0049 0x1c6c LENOVO.TPKNRSVC - ok
14:03:46.0049 0x1c6c [ 6A7AF51544418052522D3D5862022399, F752B558BDC2F5A615BDAD2BAE7DACAF9A725CB135E2BB10BFD6BA30DB79212E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
14:03:46.0065 0x1c6c LENOVO.TVTVCAM - ok
14:03:46.0065 0x1c6c [ D253E6009F05776F505F96866CCF460F, 8A39E77B4FC780BB9C6C8A892603248D87ED70255BF9BED0218BE2420B5E8C53 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:03:46.0065 0x1c6c Lenovo.VIRTSCRLSVC - ok
14:03:46.0065 0x1c6c [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
14:03:46.0081 0x1c6c lfsvc - ok
14:03:46.0081 0x1c6c [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
14:03:46.0081 0x1c6c LicenseManager - ok
14:03:46.0096 0x1c6c [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
14:03:46.0096 0x1c6c lltdio - ok
14:03:46.0096 0x1c6c [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
14:03:46.0112 0x1c6c lltdsvc - ok
14:03:46.0112 0x1c6c lmhosts - ok
14:03:46.0127 0x1c6c [ 888A1DD2EB317FAF3906E64ACEE7A1BC, 1FDEA6073F64E829A4208BECBE1DAE7FBEC19D6100B001D1A78D48A3CBF687C3 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:03:46.0127 0x1c6c LMS - ok
14:03:46.0143 0x1c6c [ 49ED6CF0E353D09942AEDF219DE335B3, EEF462B2213589170722FF8B9B085209E7765A5934789F993F00D1E072F02282 ] lnvDiscoveryWinSvc C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
14:03:46.0143 0x1c6c lnvDiscoveryWinSvc - ok
14:03:46.0143 0x1c6c [ 25F003B378E831514587DC6155781227, 7E68BED3721B9B917DDF215E572EEC4D1B30805CB8C274222450F65AA6B9D945 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
14:03:46.0159 0x1c6c LSCWinService - ok
14:03:46.0159 0x1c6c LSI_SAS - ok
14:03:46.0159 0x1c6c LSI_SAS2i - ok
14:03:46.0159 0x1c6c LSI_SAS3i - ok
14:03:46.0174 0x1c6c LSI_SSS - ok
14:03:46.0174 0x1c6c LSM - ok
14:03:46.0174 0x1c6c [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
14:03:46.0190 0x1c6c luafv - ok
14:03:46.0190 0x1c6c [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
14:03:46.0206 0x1c6c LxpSvc - ok
14:03:46.0206 0x1c6c MapsBroker - ok
14:03:46.0206 0x1c6c mausbhost - ok
14:03:46.0206 0x1c6c mausbip - ok
14:03:46.0221 0x1c6c [ F6A196A0A107406D6BA54A1A7293C67A, 862B5F7EBF8FC02B7DCE3C5F7C18FCE02FD84F1E0CE47919E3945335146B8EC1 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
14:03:46.0221 0x1c6c MBAMChameleon - ok
14:03:46.0237 0x1c6c [ 99E885018EE51F1BDDDC5228AADD873B, 657BCEA1BD0D1E06FD5496176244A814794D74D4260C50D1A57B2C7E88AD9673 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
14:03:46.0237 0x1c6c MBAMFarflt - ok
14:03:46.0237 0x1c6c [ E8F4540E13A62E1649824D4C5576EE29, A307DA9D42DCB1EE4EF83ACA7400507E56CD36269234A0EBB5C1E61EF5663581 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
14:03:46.0237 0x1c6c MBAMProtection - ok
14:03:46.0362 0x1c6c [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
14:03:46.0471 0x1c6c MBAMService - ok
14:03:46.0487 0x1c6c [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
14:03:46.0487 0x1c6c MBAMSwissArmy - ok
14:03:46.0502 0x1c6c [ 912DB8F40C7D5CCB1918FFED8C1B99DB, 74D6CB2F1CBE41C74A00AE0DA8D9F7C5ACF3680445502C45C7A487CFAECB3A91 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
14:03:46.0502 0x1c6c MBAMWebProtection - ok
14:03:46.0502 0x1c6c megasas - ok
14:03:46.0502 0x1c6c megasas2i - ok
14:03:46.0502 0x1c6c megasas35i - ok
14:03:46.0518 0x1c6c megasr - ok
14:03:46.0518 0x1c6c [ 8FE46E9374DAD76ED081936DEDD3F6B0, 2CEA37D4C9BD68BCF554120FF2A6A6B6E2A5CBB48C62071D1210557CB6A1D32D ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:03:46.0518 0x1c6c MEIx64 - ok
14:03:46.0534 0x1c6c [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:03:46.0534 0x1c6c MessagingService - ok
14:03:46.0534 0x1c6c mlx4_bus - ok
14:03:46.0549 0x1c6c MMCSS - ok
14:03:46.0549 0x1c6c [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys
14:03:46.0549 0x1c6c Modem - ok
14:03:46.0549 0x1c6c [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys
14:03:46.0549 0x1c6c monitor - ok
14:03:46.0565 0x1c6c mouclass - ok
14:03:46.0565 0x1c6c mouhid - ok
14:03:46.0565 0x1c6c mountmgr - ok
14:03:46.0565 0x1c6c mpsdrv - ok
14:03:46.0581 0x1c6c mpssvc - ok
14:03:46.0581 0x1c6c [ FE4CB8E6B4852BFEC3754A454290353C, 215208FC8196C42C9FC37E81F84FD3AA883F44DCA098A7AFCBE98116F64B8A48 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
14:03:46.0581 0x1c6c MQAC - ok
14:03:46.0596 0x1c6c MRxDAV - ok
14:03:46.0596 0x1c6c mrxsmb - ok
14:03:46.0596 0x1c6c mrxsmb10 - ok
14:03:46.0612 0x1c6c mrxsmb20 - ok
14:03:46.0612 0x1c6c [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
14:03:46.0612 0x1c6c MsBridge - ok
14:03:46.0627 0x1c6c [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe
14:03:46.0627 0x1c6c MSDTC - ok
14:03:46.0643 0x1c6c Msfs - ok
14:03:46.0643 0x1c6c [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:03:46.0643 0x1c6c msgpiowin32 - ok
14:03:46.0643 0x1c6c mshidkmdf - ok
14:03:46.0659 0x1c6c [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
14:03:46.0659 0x1c6c mshidumdf - ok
14:03:46.0659 0x1c6c msisadrv - ok
14:03:46.0659 0x1c6c MSiSCSI - ok
14:03:46.0659 0x1c6c msiserver - ok
14:03:46.0674 0x1c6c MSKSSRV - ok
14:03:46.0674 0x1c6c [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
14:03:46.0674 0x1c6c MsLldp - ok
14:03:46.0690 0x1c6c [ 5048B167703E801A1C631B07532A3942, F195D27C540F8A26130E6FA948B622E2ADE3973CCDE8EB37089A32D3816F07F7 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
14:03:46.0690 0x1c6c MSMQ - ok
14:03:46.0690 0x1c6c MSPCLOCK - ok
14:03:46.0690 0x1c6c MSPQM - ok
14:03:46.0705 0x1c6c MsRPC - ok
14:03:46.0705 0x1c6c [ 234715501CF129ECD718D70FDA074C57, C2FB3ACE1CA3EB6BAB907B2452422C9C79C0BDDD6F4AF093E9F5144AE639AB83 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
14:03:46.0721 0x1c6c MsSecFlt - ok
14:03:46.0721 0x1c6c mssmbios - ok
14:03:46.0721 0x1c6c MSTEE - ok
14:03:46.0737 0x1c6c MTConfig - ok
14:03:46.0737 0x1c6c Mup - ok
14:03:46.0737 0x1c6c mvumis - ok
14:03:46.0752 0x1c6c NativeWifiP - ok
14:03:46.0768 0x1c6c [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
14:03:46.0784 0x1c6c NaturalAuthentication - ok
14:03:46.0799 0x1c6c [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
14:03:46.0799 0x1c6c NcaSvc - ok
14:03:46.0815 0x1c6c [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll
14:03:46.0815 0x1c6c NcbService - ok
14:03:46.0830 0x1c6c [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
14:03:46.0830 0x1c6c NcdAutoSetup - ok
14:03:46.0846 0x1c6c ndfltr - ok
14:03:46.0846 0x1c6c NDIS - ok
14:03:46.0846 0x1c6c [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
14:03:46.0846 0x1c6c NdisCap - ok
14:03:46.0862 0x1c6c [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:03:46.0862 0x1c6c NdisImPlatform - ok
14:03:46.0862 0x1c6c NdisTapi - ok
14:03:46.0877 0x1c6c Ndisuio - ok
14:03:46.0877 0x1c6c NdisVirtualBus - ok
14:03:46.0877 0x1c6c NdisWan - ok
14:03:46.0877 0x1c6c ndiswanlegacy - ok
14:03:46.0893 0x1c6c ndproxy - ok
14:03:46.0893 0x1c6c [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
14:03:46.0893 0x1c6c Ndu - ok
14:03:46.0909 0x1c6c NetAdapterCx - ok
14:03:46.0909 0x1c6c NetBIOS - ok
14:03:46.0909 0x1c6c NetBT - ok
14:03:46.0909 0x1c6c Netlogon - ok
14:03:46.0924 0x1c6c Netman - ok
14:03:46.0924 0x1c6c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:03:46.0940 0x1c6c NetMsmqActivator - ok
14:03:46.0940 0x1c6c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:03:46.0940 0x1c6c NetPipeActivator - ok
14:03:46.0955 0x1c6c [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
14:03:46.0971 0x1c6c netprofm - ok
14:03:46.0971 0x1c6c NetSetupSvc - ok
14:03:46.0987 0x1c6c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:03:46.0987 0x1c6c NetTcpActivator - ok
14:03:46.0987 0x1c6c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:03:46.0987 0x1c6c NetTcpPortSharing - ok
14:03:47.0002 0x1c6c netvsc - ok
14:03:47.0065 0x1c6c [ 4BE126A9829B91EDC1A4233ABC855C17, 365BB62F9C29770E69D2E5DA561A42D3BFD9B989C94BD220DDD8212D03AACF05 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\Netwbw02.sys
14:03:47.0127 0x1c6c NETwNb64 - ok
14:03:47.0143 0x1c6c [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
14:03:47.0159 0x1c6c NgcCtnrSvc - ok
14:03:47.0159 0x1c6c NgcSvc - ok
14:03:47.0174 0x1c6c NlaSvc - ok
14:03:47.0174 0x1c6c Npfs - ok
14:03:47.0174 0x1c6c npsvctrig - ok
14:03:47.0174 0x1c6c nsi - ok
14:03:47.0190 0x1c6c nsiproxy - ok
14:03:47.0190 0x1c6c Ntfs - ok
14:03:47.0190 0x1c6c Null - ok
14:03:47.0205 0x1c6c nvdimm - ok
14:03:47.0205 0x1c6c nvraid - ok
14:03:47.0205 0x1c6c nvstor - ok
14:03:47.0221 0x1c6c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:03:47.0221 0x1c6c odserv - ok
14:03:47.0237 0x1c6c [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
14:03:47.0252 0x1c6c OneSyncSvc - ok
14:03:47.0252 0x1c6c [ 44EC1C7AC8999C35DA603DE8E9E1393C, D0EF55DB094D8711C6F28934D207489FC8B85276CAF1E17C516BD5777132F49A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:03:47.0268 0x1c6c ose - ok
14:03:47.0268 0x1c6c [ 65E0500B39BA5D9F99DF63AFC261A90D, 2A7611C0C30D7092C3777BA49700C41A944677DF9E4F65F69E3E9CEC17EA4106 ] osrss C:\WINDOWS\system32\osrss.dll
14:03:47.0268 0x1c6c osrss - ok
14:03:47.0299 0x1c6c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
14:03:47.0299 0x1c6c p2pimsvc - ok
14:03:47.0315 0x1c6c [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
14:03:47.0330 0x1c6c p2psvc - ok
14:03:47.0330 0x1c6c Parport - ok
14:03:47.0330 0x1c6c partmgr - ok
14:03:47.0346 0x1c6c PcaSvc - ok
14:03:47.0346 0x1c6c pci - ok
14:03:47.0346 0x1c6c pciide - ok
14:03:47.0346 0x1c6c pcmcia - ok
14:03:47.0362 0x1c6c pcw - ok
14:03:47.0362 0x1c6c pdc - ok
14:03:47.0377 0x1c6c [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
14:03:47.0393 0x1c6c PEAUTH - ok
14:03:47.0440 0x1c6c [ 05A0A1AC00A8653B49F94381872D47E7, 75B7E616D08D6D8BD964953B5CC342E72E35D8C660E2F97BD36ADA59130169F6 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
14:03:47.0471 0x1c6c PeerDistSvc - ok
14:03:47.0471 0x1c6c percsas2i - ok
14:03:47.0487 0x1c6c percsas3i - ok
14:03:47.0502 0x1c6c [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
14:03:47.0502 0x1c6c PerfHost - ok
14:03:47.0518 0x1c6c [ E12EE66C81F7F8840BB4769BDA36FFF8, 85DFB175591A79A6F9EC4F16187D70D768CB5C1BBEFD437B544A6D9CBC275DDC ] phidmice C:\WINDOWS\system32\DRIVERS\phidmice.sys
14:03:47.0518 0x1c6c phidmice - ok
14:03:47.0518 0x1c6c PhoneSvc - ok
14:03:47.0534 0x1c6c [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:03:47.0534 0x1c6c PimIndexMaintenanceSvc - ok
14:03:47.0580 0x1c6c [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll
14:03:47.0596 0x1c6c pla - ok
14:03:47.0612 0x1c6c PlugPlay - ok
14:03:47.0612 0x1c6c pmem - ok
14:03:47.0612 0x1c6c [ FC4F75AF9082758E536569E5E4C2AF27, 31162DE85432999D0301448ECC58863BF6909295949060A2E17D232CDEE85130 ] pmouself C:\WINDOWS\system32\DRIVERS\pmouself.sys
14:03:47.0627 0x1c6c pmouself - ok
14:03:47.0627 0x1c6c [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
14:03:47.0627 0x1c6c PNPMEM - ok
14:03:47.0627 0x1c6c [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
14:03:47.0643 0x1c6c PNRPAutoReg - ok
14:03:47.0643 0x1c6c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
14:03:47.0659 0x1c6c PNRPsvc - ok
14:03:47.0659 0x1c6c PolicyAgent - ok
14:03:47.0674 0x1c6c Power - ok
14:03:47.0674 0x1c6c PptpMiniport - ok
14:03:47.0752 0x1c6c [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:03:47.0799 0x1c6c PrintNotify - ok
14:03:47.0815 0x1c6c [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
14:03:47.0815 0x1c6c PrintWorkflowUserSvc - ok
14:03:47.0830 0x1c6c Processor - ok
14:03:47.0830 0x1c6c ProfSvc - ok
14:03:47.0830 0x1c6c [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\WINDOWS\System32\drivers\psadd.sys
14:03:47.0846 0x1c6c psadd - ok
14:03:47.0846 0x1c6c [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
14:03:47.0846 0x1c6c Psched - ok
14:03:47.0862 0x1c6c [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
14:03:47.0862 0x1c6c PushToInstall - ok
14:03:47.0877 0x1c6c [ FA14FA4FCF33B9783F8317CFCCD08F49, 4AB631CD8BA56E2F5A110831AE4939B20D776AF4F1545D78F7B44FC93A081F0B ] pvendrlf C:\WINDOWS\system32\DRIVERS\pvendrlf.sys
14:03:47.0877 0x1c6c pvendrlf - ok
14:03:47.0877 0x1c6c [ 93430FFD315E5A378675EF07CBD22D68, 2C663F54BCBA208FDFC588B4D63FA5181269F820A7F099E6F388D5C92A563621 ] QuickControlMasterSvc C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
14:03:47.0877 0x1c6c QuickControlMasterSvc - ok
14:03:47.0893 0x1c6c [ 9A3B6FC0B44A200719BBF50E4DF8A557, 260D35AD9D6CDE5298F0FF574863717DC41D81D8A5A92784BB30B9998C0D706E ] QuickControlService C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
14:03:47.0893 0x1c6c QuickControlService - ok
14:03:47.0909 0x1c6c [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll
14:03:47.0924 0x1c6c QWAVE - ok
14:03:47.0924 0x1c6c [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
14:03:47.0924 0x1c6c QWAVEdrv - ok
14:03:47.0924 0x1c6c Ramdisk - ok
14:03:47.0940 0x1c6c RasAcd - ok
14:03:47.0940 0x1c6c RasAgileVpn - ok
14:03:47.0940 0x1c6c RasAuto - ok
14:03:47.0940 0x1c6c Rasl2tp - ok
14:03:47.0955 0x1c6c RasMan - ok
14:03:47.0955 0x1c6c RasPppoe - ok
14:03:47.0955 0x1c6c RasSstp - ok
14:03:47.0971 0x1c6c rdbss - ok
14:03:47.0971 0x1c6c [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
14:03:47.0971 0x1c6c rdpbus - ok
14:03:47.0987 0x1c6c RDPDR - ok
14:03:47.0987 0x1c6c [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:03:47.0987 0x1c6c RdpVideoMiniport - ok
14:03:48.0002 0x1c6c [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
14:03:48.0018 0x1c6c rdyboost - ok
14:03:48.0018 0x1c6c ReFS - ok
14:03:48.0018 0x1c6c ReFSv1 - ok
14:03:48.0034 0x1c6c [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:03:48.0049 0x1c6c RemoteAccess - ok
14:03:48.0049 0x1c6c [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:03:48.0065 0x1c6c RemoteRegistry - ok
14:03:48.0080 0x1c6c [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
14:03:48.0096 0x1c6c RetailDemo - ok
14:03:48.0112 0x1c6c [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
14:03:48.0112 0x1c6c RFCOMM - ok
14:03:48.0112 0x1c6c [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
14:03:48.0112 0x1c6c rhproxy - ok
14:03:48.0127 0x1c6c [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
14:03:48.0143 0x1c6c RmSvc - ok
14:03:48.0143 0x1c6c RpcEptMapper - ok
14:03:48.0143 0x1c6c [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:03:48.0143 0x1c6c RpcLocator - ok
14:03:48.0159 0x1c6c RpcSs - ok
14:03:48.0159 0x1c6c [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
14:03:48.0159 0x1c6c rspndr - ok
14:03:48.0174 0x1c6c [ BE7E1D29CD6DAF79EF08A24A03E10D38, 6DD736E4AFFA8C2237990C3BB2B0313A2A18A77745198F847891128A1BA4D9FD ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys
14:03:48.0190 0x1c6c RTSPER - ok
14:03:48.0205 0x1c6c [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
14:03:48.0205 0x1c6c s3cap - ok
14:03:48.0205 0x1c6c SamSs - ok
14:03:48.0205 0x1c6c sbp2port - ok
14:03:48.0221 0x1c6c [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
14:03:48.0237 0x1c6c SCardSvr - ok
14:03:48.0237 0x1c6c [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
14:03:48.0252 0x1c6c ScDeviceEnum - ok
14:03:48.0252 0x1c6c [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:03:48.0252 0x1c6c scfilter - ok
14:03:48.0284 0x1c6c [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:03:48.0299 0x1c6c Schedule - ok
14:03:48.0299 0x1c6c scmbus - ok
14:03:48.0315 0x1c6c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
14:03:48.0315 0x1c6c SCPolicySvc - ok
14:03:48.0315 0x1c6c sdbus - ok
14:03:48.0330 0x1c6c [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
14:03:48.0330 0x1c6c SDFRd - ok
14:03:48.0330 0x1c6c [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
14:03:48.0346 0x1c6c SDRSVC - ok
14:03:48.0346 0x1c6c sdstor - ok
14:03:48.0362 0x1c6c [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll
14:03:48.0362 0x1c6c seclogon - ok
14:03:48.0362 0x1c6c SecurityHealthService - ok
14:03:48.0393 0x1c6c [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
14:03:48.0424 0x1c6c SEMgrSvc - ok
14:03:48.0424 0x1c6c [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll
14:03:48.0440 0x1c6c SENS - ok
14:03:48.0440 0x1c6c Sense - ok
14:03:48.0471 0x1c6c [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:03:48.0502 0x1c6c SensorDataService - ok
14:03:48.0518 0x1c6c [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll
14:03:48.0533 0x1c6c SensorService - ok
14:03:48.0549 0x1c6c [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
14:03:48.0549 0x1c6c SensrSvc - ok
14:03:48.0565 0x1c6c SerCx - ok
14:03:48.0565 0x1c6c SerCx2 - ok
14:03:48.0565 0x1c6c Serenum - ok
14:03:48.0565 0x1c6c Serial - ok
14:03:48.0580 0x1c6c sermouse - ok
14:03:48.0596 0x1c6c [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
14:03:48.0612 0x1c6c SessionEnv - ok
14:03:48.0612 0x1c6c sfloppy - ok
14:03:48.0627 0x1c6c [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
14:03:48.0627 0x1c6c SgrmAgent - ok
14:03:48.0627 0x1c6c [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
14:03:48.0643 0x1c6c SgrmBroker - ok
14:03:48.0658 0x1c6c [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:03:48.0674 0x1c6c SharedAccess - ok
14:03:48.0690 0x1c6c [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
14:03:48.0705 0x1c6c SharedRealitySvc - ok
14:03:48.0721 0x1c6c [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:03:48.0737 0x1c6c ShellHWDetection - ok
14:03:48.0752 0x1c6c [ EF92588890C3ADEE806D6EE7E3892D99, 1B2F9A18D44B42621AE2408997657F7C6D5507980F5EC5F0DDF1876EAA42A471 ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx64.sys
14:03:48.0752 0x1c6c Shockprf - ok
14:03:48.0768 0x1c6c [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
14:03:48.0768 0x1c6c shpamsvc - ok
14:03:48.0783 0x1c6c SiSRaid2 - ok
14:03:48.0783 0x1c6c SiSRaid4 - ok
14:03:48.0783 0x1c6c [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:03:48.0799 0x1c6c SkypeUpdate - ok
14:03:48.0799 0x1c6c [ C4C7316E98CFBC3F0CDAEE6968D7B9DC, 176AF4E9866E4FBB01DAB80A72BA0FE1A9AF6C55B3BF30032F5EB2F8D25EF5F3 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
14:03:48.0799 0x1c6c SmbDrvI - ok
14:03:48.0815 0x1c6c [ A02AFDFB748D0A638A09DC4B5E47B240, E14BFA930A2F04012144B475DA9A565431F804DF0BA2B7595C43BB48EFBA4883 ] SMIDriver C:\WINDOWS\system32\DRIVERS\smi.sys
14:03:48.0815 0x1c6c SMIDriver - ok
14:03:48.0815 0x1c6c smphost - ok
14:03:48.0830 0x1c6c [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
14:03:48.0846 0x1c6c SmsRouter - ok
14:03:48.0862 0x1c6c [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
14:03:48.0862 0x1c6c SNMPTRAP - ok
14:03:48.0877 0x1c6c spaceport - ok
14:03:48.0877 0x1c6c [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
14:03:48.0877 0x1c6c SpatialGraphFilter - ok
14:03:48.0877 0x1c6c SpbCx - ok
14:03:48.0893 0x1c6c spectrum - ok
14:03:48.0908 0x1c6c [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe
14:03:48.0924 0x1c6c Spooler - ok
14:03:48.0940 0x1c6c sppsvc - ok
14:03:48.0955 0x1c6c [ 97E4F8B6D113CB77CAFB9257A6C4C15B, 0F732AFB074A8E54B71673A36830657EA11828B7CFF7EC32AC2E47DE333A14F4 ] SPUVCbv C:\WINDOWS\System32\Drivers\SPUVCbv64.sys
14:03:48.0971 0x1c6c SPUVCbv - ok
14:03:48.0971 0x1c6c srv - ok
14:03:48.0971 0x1c6c srv2 - ok
14:03:48.0987 0x1c6c srvnet - ok
14:03:49.0002 0x1c6c [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:03:49.0002 0x1c6c SSDPSRV - ok
14:03:49.0018 0x1c6c [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
14:03:49.0033 0x1c6c ssh-agent - ok
14:03:49.0033 0x1c6c SstpSvc - ok
14:03:49.0033 0x1c6c StateRepository - ok
14:03:49.0049 0x1c6c stexstor - ok
14:03:49.0065 0x1c6c [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll
14:03:49.0080 0x1c6c stisvc - ok
14:03:49.0080 0x1c6c storahci - ok
14:03:49.0080 0x1c6c storflt - ok
14:03:49.0096 0x1c6c stornvme - ok
14:03:49.0096 0x1c6c storqosflt - ok
14:03:49.0096 0x1c6c StorSvc - ok
14:03:49.0112 0x1c6c storufs - ok
14:03:49.0112 0x1c6c storvsc - ok
14:03:49.0112 0x1c6c [ BC2CF20E9C24423FF8826C601104A4CC, E71D5070B7BA59CDC61D555FB9D8ADD178521FB186174CB522852522929D62D4 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
14:03:49.0112 0x1c6c SUService - ok
14:03:49.0127 0x1c6c svsvc - ok
14:03:49.0127 0x1c6c swenum - ok
14:03:49.0143 0x1c6c swprv - ok
14:03:49.0143 0x1c6c [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:03:49.0143 0x1c6c Synth3dVsc - ok
14:03:49.0174 0x1c6c [ 6F02CE00CF9B10E134FA659F9D1353E8, 26616F8CCA9E67066EC02B477BE838023AB1307D7D7DA26ED14C065E0F4AA5B2 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:03:49.0174 0x1c6c SynTP - ok
14:03:49.0190 0x1c6c [ 6CDAAEB36655B8963081C0E11BBBEE02, 3766074C780B95CA54A40FF075C08DEC3A46CECF42C1E047F3FA78C27783ED73 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
14:03:49.0190 0x1c6c SynTPEnhService - ok
14:03:49.0221 0x1c6c [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll
14:03:49.0237 0x1c6c SysMain - ok
14:03:49.0252 0x1c6c SystemEventsBroker - ok
14:03:49.0252 0x1c6c [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:03:49.0268 0x1c6c TabletInputService - ok
14:03:49.0268 0x1c6c [ 9F04EBEFACA1CB11428CD3B91782D732, F43AF03810211912A97E357DFAFDF240144197549C67256DB64674564DC9E4C1 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
14:03:49.0268 0x1c6c tap0901 - ok
14:03:49.0283 0x1c6c [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:03:49.0299 0x1c6c TapiSrv - ok
14:03:49.0299 0x1c6c Tcpip - ok
14:03:49.0299 0x1c6c Tcpip6 - ok
14:03:49.0315 0x1c6c [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
14:03:49.0315 0x1c6c tcpipreg - ok
14:03:49.0315 0x1c6c tdx - ok
14:03:49.0330 0x1c6c [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
14:03:49.0330 0x1c6c terminpt - ok
14:03:49.0362 0x1c6c [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll
14:03:49.0377 0x1c6c TermService - ok
14:03:49.0393 0x1c6c [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll
14:03:49.0393 0x1c6c Themes - ok
14:03:49.0408 0x1c6c [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:03:49.0424 0x1c6c TieringEngineService - ok
14:03:49.0424 0x1c6c TimeBrokerSvc - ok
14:03:49.0424 0x1c6c TokenBroker - ok
14:03:49.0440 0x1c6c [ A61D61672153DFF710CA33186D2C8B18, 8A126E249D1BEB66153A958ACD2C56F8DD8D0D762F0BB035E69FCC259C0A8757 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM64.sys
14:03:49.0440 0x1c6c TPDIGIMN - ok
14:03:49.0440 0x1c6c [ 40492513735AED7A4357AAEC84873027, ACBD7F5A2C90866996C7DD0B69AAF6C79AFB0546A31682D8BD9E378DE2A2375C ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG64.exe
14:03:49.0455 0x1c6c TPHDEXLGSVC - ok
14:03:49.0455 0x1c6c [ 3B4250CB21F95FFA64162389106F39BA, 2461E6D335D699F837908254FDA43C789D589FE90C9592B5B43D964CFDB43F11 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
14:03:49.0455 0x1c6c TPHKLOAD - ok
14:03:49.0471 0x1c6c [ 667EF334C512416712F14118E3382919, D59D3ED81E823A84885AA0787B020DAFBCA20303F1F5A37F37E5392C5C272F9D ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
14:03:49.0471 0x1c6c TPHKSVC - ok
14:03:49.0471 0x1c6c TPM - ok
14:03:49.0471 0x1c6c [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll
14:03:49.0487 0x1c6c TrkWks - ok
14:03:49.0487 0x1c6c TrustedInstaller - ok
14:03:49.0502 0x1c6c [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
14:03:49.0502 0x1c6c TsUsbFlt - ok
14:03:49.0502 0x1c6c [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:03:49.0518 0x1c6c TsUsbGD - ok
14:03:49.0518 0x1c6c [ 3A84A09CBC42148A0C7D00B3E82517F1, 75E609AC991C96E31F55E723925EAF9A363DC5B3324FFD4CFCB701189369D701 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
14:03:49.0518 0x1c6c tsusbhub - ok
14:03:49.0533 0x1c6c [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
14:03:49.0533 0x1c6c tunnel - ok
14:03:49.0549 0x1c6c [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
14:03:49.0549 0x1c6c tzautoupdate - ok
14:03:49.0549 0x1c6c UASPStor - ok
14:03:49.0565 0x1c6c [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
14:03:49.0565 0x1c6c UcmCx0101 - ok
14:03:49.0580 0x1c6c [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
14:03:49.0580 0x1c6c UcmTcpciCx0101 - ok
14:03:49.0580 0x1c6c [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:03:49.0580 0x1c6c UcmUcsi - ok
14:03:49.0596 0x1c6c Ucx01000 - ok
14:03:49.0596 0x1c6c UdeCx - ok
14:03:49.0596 0x1c6c udfs - ok
14:03:49.0612 0x1c6c UEFI - ok
14:03:49.0612 0x1c6c [ AD58EA78772B8163CFDE9BF671B6F8F1, E8304179B6B52B143846AEF80C7B2D577125742EA2DFF09F8AC5F37F4E28793E ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
14:03:49.0612 0x1c6c UevAgentDriver - ok
14:03:49.0643 0x1c6c [ F7E36C20DB953DFF4FDDB817904C0E48, 2C5EDE0807D8A5EC4B6E0FE0C308B37DBBDE12714FD9ADC4CE3EF4E0A5692207 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
14:03:49.0674 0x1c6c UevAgentService - ok
14:03:49.0674 0x1c6c [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
14:03:49.0690 0x1c6c Ufx01000 - ok
14:03:49.0690 0x1c6c UfxChipidea - ok
14:03:49.0690 0x1c6c ufxsynopsys - ok
14:03:49.0705 0x1c6c umbus - ok
14:03:49.0721 0x1c6c UmPass - ok
14:03:49.0721 0x1c6c [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
14:03:49.0737 0x1c6c UmRdpService - ok
14:03:49.0768 0x1c6c [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
14:03:49.0799 0x1c6c UnistoreSvc - ok
14:03:49.0815 0x1c6c [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:03:49.0830 0x1c6c upnphost - ok
14:03:49.0830 0x1c6c [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
14:03:49.0830 0x1c6c UrsChipidea - ok
14:03:49.0846 0x1c6c [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
14:03:49.0846 0x1c6c UrsCx01000 - ok
14:03:49.0846 0x1c6c [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
14:03:49.0846 0x1c6c UrsSynopsys - ok
14:03:49.0862 0x1c6c [ 524BFB402B1AB1007ED91E94D6AB6F72, 5A970292D2E7A580FAD86615BC6E66C2A5C74044EFF6C1543E928773E5B9C0F8 ] usb3Hub C:\WINDOWS\System32\drivers\usb3Hub.sys
14:03:49.0862 0x1c6c usb3Hub - ok
14:03:49.0862 0x1c6c usbccgp - ok
14:03:49.0877 0x1c6c [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
14:03:49.0877 0x1c6c usbcir - ok
14:03:49.0877 0x1c6c usbehci - ok
14:03:49.0893 0x1c6c usbhub - ok
14:03:49.0893 0x1c6c USBHUB3 - ok
14:03:49.0893 0x1c6c usbohci - ok
14:03:49.0908 0x1c6c [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
14:03:49.0908 0x1c6c usbprint - ok
14:03:49.0908 0x1c6c usbser - ok
14:03:49.0924 0x1c6c USBSTOR - ok
14:03:49.0924 0x1c6c usbuhci - ok
14:03:49.0924 0x1c6c USBXHCI - ok
14:03:49.0955 0x1c6c [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
14:03:49.0987 0x1c6c UserDataSvc - ok
14:03:50.0002 0x1c6c UserManager - ok
14:03:50.0002 0x1c6c UsoSvc - ok
14:03:50.0018 0x1c6c [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll
14:03:50.0033 0x1c6c VacSvc - ok
14:03:50.0033 0x1c6c [ D46604714C0BE35D0298514B2E4A7B34, 3EEFF41D198C92CC4CD8974C6575839D89A2139B64C8B08D10FB516660A2F7BD ] valWBFPolicyService C:\WINDOWS\system32\valWBFPolicyService.exe
14:03:50.0049 0x1c6c valWBFPolicyService - ok
14:03:50.0049 0x1c6c [ 151F02D8A7E5CB7765E7C2BA5B0AD1D4, B7A3D233046510FEC6866020490B14B3A544BFC82A14D457FBD6D821E20635D5 ] valWbioSyncSvc C:\WINDOWS\system32\valWbioSyncSvc.exe
14:03:50.0065 0x1c6c valWbioSyncSvc - ok
14:03:50.0065 0x1c6c VaultSvc - ok
14:03:50.0065 0x1c6c [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\WINDOWS\System32\drivers\VClone.sys
14:03:50.0065 0x1c6c VClone - ok
14:03:50.0080 0x1c6c vdrvroot - ok
14:03:50.0080 0x1c6c vds - ok
14:03:50.0080 0x1c6c VerifierExt - ok
14:03:50.0096 0x1c6c vhdmp - ok
14:03:50.0096 0x1c6c vhf - ok
14:03:50.0096 0x1c6c vmbus - ok
14:03:50.0112 0x1c6c VMBusHID - ok
14:03:50.0112 0x1c6c [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
14:03:50.0112 0x1c6c vmgid - ok
14:03:50.0127 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
14:03:50.0127 0x1c6c vmicguestinterface - ok
14:03:50.0143 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
14:03:50.0143 0x1c6c vmicheartbeat - ok
14:03:50.0158 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
14:03:50.0158 0x1c6c vmickvpexchange - ok
14:03:50.0174 0x1c6c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
14:03:50.0190 0x1c6c vmicrdv - ok
14:03:50.0190 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
14:03:50.0205 0x1c6c vmicshutdown - ok
14:03:50.0205 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
14:03:50.0221 0x1c6c vmictimesync - ok
14:03:50.0221 0x1c6c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
14:03:50.0236 0x1c6c vmicvmsession - ok
14:03:50.0252 0x1c6c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
14:03:50.0252 0x1c6c vmicvss - ok
14:03:50.0268 0x1c6c volmgr - ok
14:03:50.0268 0x1c6c volmgrx - ok
14:03:50.0268 0x1c6c volsnap - ok
14:03:50.0283 0x1c6c volume - ok
14:03:50.0283 0x1c6c [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
14:03:50.0283 0x1c6c vpci - ok
14:03:50.0315 0x1c6c [ 5B709509F409E43D24B4A1E59FB80F72, A138D4666425652BF750EC7AB29F348F8C5D0C3576CC13F0FBE6EFFF0F7C7931 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:03:50.0330 0x1c6c vpnagent - ok
14:03:50.0330 0x1c6c [ 1BD8D125A46369CE6C5BDC678074D18A, 8F2472508C3A658FA6BD870D9B4076283C8C02CE9B9C293194ED9592BE4CF6D9 ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys
14:03:50.0330 0x1c6c vpnva - ok
14:03:50.0346 0x1c6c vsmraid - ok
14:03:50.0346 0x1c6c VSS - ok
14:03:50.0346 0x1c6c VSTXRAID - ok
14:03:50.0361 0x1c6c vwifibus - ok
14:03:50.0361 0x1c6c vwififlt - ok
14:03:50.0361 0x1c6c vwifimp - ok
14:03:50.0377 0x1c6c W32Time - ok
14:03:50.0377 0x1c6c [ 244BA3FE721EAF5377634A4A39EB323D, A009894399149AC3442462DDB44C31E5E7012B43489E8458D48E30485763D0B9 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
14:03:50.0377 0x1c6c w3logsvc - ok
14:03:50.0393 0x1c6c [ 1C62EBBF82DE40E65B1B34D384C96403, 4BF2C51CBDD2E15669ECD6402E9DC243378D989FB0322AA41CC938766BED63FD ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:03:50.0408 0x1c6c W3SVC - ok
14:03:50.0424 0x1c6c [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
14:03:50.0440 0x1c6c WaaSMedicSvc - ok
14:03:50.0440 0x1c6c WacomPen - ok
14:03:50.0455 0x1c6c [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll
14:03:50.0471 0x1c6c WalletService - ok
14:03:50.0471 0x1c6c wanarp - ok
14:03:50.0471 0x1c6c wanarpv6 - ok
14:03:50.0486 0x1c6c [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
14:03:50.0486 0x1c6c WarpJITSvc - ok
14:03:50.0502 0x1c6c [ 1C62EBBF82DE40E65B1B34D384C96403, 4BF2C51CBDD2E15669ECD6402E9DC243378D989FB0322AA41CC938766BED63FD ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:03:50.0518 0x1c6c WAS - ok
14:03:50.0518 0x1c6c wbengine - ok
14:03:50.0533 0x1c6c WbioSrvc - ok
14:03:50.0533 0x1c6c [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
14:03:50.0533 0x1c6c wcifs - ok
14:03:50.0549 0x1c6c Wcmsvc - ok
14:03:50.0549 0x1c6c wcncsvc - ok
14:03:50.0565 0x1c6c [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
14:03:50.0565 0x1c6c wcnfs - ok
14:03:50.0565 0x1c6c [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
14:03:50.0565 0x1c6c WdBoot - ok
14:03:50.0580 0x1c6c Wdf01000 - ok
14:03:50.0580 0x1c6c [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
14:03:50.0596 0x1c6c WdFilter - ok
14:03:50.0596 0x1c6c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
14:03:50.0611 0x1c6c WdiServiceHost - ok
14:03:50.0611 0x1c6c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
14:03:50.0627 0x1c6c WdiSystemHost - ok
14:03:50.0627 0x1c6c wdiwifi - ok
14:03:50.0627 0x1c6c [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
14:03:50.0643 0x1c6c WdmCompanionFilter - ok
14:03:50.0643 0x1c6c [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:03:50.0643 0x1c6c WdNisDrv - ok
14:03:50.0643 0x1c6c WdNisSvc - ok
14:03:50.0658 0x1c6c [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:03:50.0674 0x1c6c WebClient - ok
14:03:50.0674 0x1c6c [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
14:03:50.0690 0x1c6c Wecsvc - ok
14:03:50.0690 0x1c6c [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
14:03:50.0705 0x1c6c WEPHOSTSVC - ok
14:03:50.0705 0x1c6c [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
14:03:50.0721 0x1c6c wercplsupport - ok
14:03:50.0721 0x1c6c WerSvc - ok
14:03:50.0736 0x1c6c [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
14:03:50.0768 0x1c6c WFDSConMgrSvc - ok
14:03:50.0768 0x1c6c WFPLWFS - ok
14:03:50.0768 0x1c6c [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
14:03:50.0783 0x1c6c WiaRpc - ok
14:03:50.0783 0x1c6c WIMMount - ok
14:03:50.0783 0x1c6c WinDefend - ok
14:03:50.0799 0x1c6c WindowsTrustedRT - ok
14:03:50.0815 0x1c6c [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
14:03:50.0815 0x1c6c WindowsTrustedRTProxy - ok
14:03:50.0815 0x1c6c WinHttpAutoProxySvc - ok
14:03:50.0830 0x1c6c WinMad - ok
14:03:50.0830 0x1c6c Winmgmt - ok
14:03:50.0846 0x1c6c [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
14:03:50.0846 0x1c6c WinNat - ok
14:03:50.0908 0x1c6c [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:03:50.0955 0x1c6c WinRM - ok
14:03:50.0971 0x1c6c [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
14:03:50.0971 0x1c6c WINUSB - ok
14:03:50.0986 0x1c6c WinVerbs - ok
14:03:50.0986 0x1c6c wisvc - ok
14:03:50.0986 0x1c6c WlanSvc - ok
14:03:51.0002 0x1c6c wlidsvc - ok
14:03:51.0018 0x1c6c [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
14:03:51.0049 0x1c6c wlpasvc - ok
14:03:51.0065 0x1c6c WmiAcpi - ok
14:03:51.0065 0x1c6c wmiApSrv - ok
14:03:51.0065 0x1c6c WMPNetworkSvc - ok
14:03:51.0080 0x1c6c [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:03:51.0080 0x1c6c Wof - ok
14:03:51.0143 0x1c6c [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
14:03:51.0174 0x1c6c workfolderssvc - ok
14:03:51.0190 0x1c6c WpcMonSvc - ok
14:03:51.0190 0x1c6c WPDBusEnum - ok
14:03:51.0205 0x1c6c [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:03:51.0205 0x1c6c WpdUpFltr - ok
14:03:51.0205 0x1c6c [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll
14:03:51.0221 0x1c6c WpnService - ok
14:03:51.0236 0x1c6c [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
14:03:51.0236 0x1c6c WpnUserService - ok
14:03:51.0252 0x1c6c ws2ifsl - ok
14:03:51.0252 0x1c6c [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll
14:03:51.0268 0x1c6c wscsvc - ok
14:03:51.0283 0x1c6c WSearch - ok
14:03:51.0283 0x1c6c wuauserv - ok
14:03:51.0299 0x1c6c [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
14:03:51.0299 0x1c6c WudfPf - ok
14:03:51.0299 0x1c6c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:03:51.0315 0x1c6c WUDFRd - ok
14:03:51.0346 0x1c6c [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
14:03:51.0377 0x1c6c WwanSvc - ok
14:03:51.0393 0x1c6c [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
14:03:51.0408 0x1c6c xbgm - ok
14:03:51.0424 0x1c6c [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
14:03:51.0455 0x1c6c XblAuthManager - ok
14:03:51.0486 0x1c6c [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
14:03:51.0502 0x1c6c XblGameSave - ok
14:03:51.0518 0x1c6c xboxgip - ok
14:03:51.0518 0x1c6c [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
14:03:51.0533 0x1c6c XboxGipSvc - ok
14:03:51.0565 0x1c6c [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
14:03:51.0580 0x1c6c XboxNetApiSvc - ok
14:03:51.0596 0x1c6c [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
14:03:51.0596 0x1c6c xinputhid - ok
14:03:51.0596 0x1c6c ================ Scan global ===============================
14:03:51.0611 0x1c6c [ Global ] - ok
14:03:51.0611 0x1c6c ================ Scan MBR ==================================
14:03:51.0611 0x1c6c [ A2CC2DB843A17BDD7414F0ED5E4FDD21 ] \Device\Harddisk0\DR0
14:03:51.0705 0x1c6c \Device\Harddisk0\DR0 - ok
14:03:51.0705 0x1c6c ================ Scan VBR ==================================
14:03:51.0705 0x1c6c [ B2606AB0598BCE8D94328D24F2A16446 ] \Device\Harddisk0\DR0\Partition1
14:03:51.0705 0x1c6c \Device\Harddisk0\DR0\Partition1 - ok
14:03:51.0705 0x1c6c [ 5289D4D71FB58748BBC6C016001A5A69 ] \Device\Harddisk0\DR0\Partition2
14:03:51.0705 0x1c6c \Device\Harddisk0\DR0\Partition2 - ok
14:03:51.0705 0x1c6c [ 3B3A08A958A13C8C63D47B47692B6774 ] \Device\Harddisk0\DR0\Partition3
14:03:51.0721 0x1c6c \Device\Harddisk0\DR0\Partition3 - ok
14:03:51.0721 0x1c6c ================ Scan generic autorun ======================
14:03:51.0721 0x1c6c SecurityHealth - ok
14:03:51.0721 0x1c6c [ 3870A4FB83F82357713AB8DB9ED1FEBD, D1669E3E066E23D69BD4E4D4ECF7D8F0247BBD2C9E69B572273715EC18FDC0C4 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
14:03:51.0721 0x1c6c BLEServicesCtrl - ok
14:03:51.0736 0x1c6c [ 29DFA4FC734C5328FFC9FEF4F71D23A0, B15F3395472A4109346196851331254BDDB6B022B7112E3D3496B5B800F6F38A ] C:\Windows\system32\igfxtray.exe
14:03:51.0736 0x1c6c IgfxTray - ok
14:03:51.0752 0x1c6c [ 08593F82008D1524079C7CEA3D7F28F4, D6FF1875593D2BFFC137F9AD91C7A77916B83631B1D0BB97FF826F77D139B892 ] C:\WINDOWS\system32\TpShocks.exe
14:03:51.0768 0x1c6c TpShocks - ok
14:03:51.0768 0x1c6c [ 4E2FED41009B0D4E10F0121290C2EE7A, A8D1267F185439D41DA3D2486B2AEF9EE4A90362C01CB863615F44FC80EE3EC9 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
14:03:51.0783 0x1c6c LENOVO.TPKNRRES - ok
14:03:51.0861 0x1c6c [ 5CA53785B469303CC02CDB44E7410F12, 2302D64E1ECB3592DD83C3E74425F273A2628589C1FD1B0269DC319256D75E76 ] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe
14:03:51.0908 0x1c6c Enhanced Performance Keyboard - ok
14:03:52.0002 0x1c6c [ C8BD6D2BD6D52259C2A672A86AA26A51, B790812B7B2A6BBEAD46E78D97358F7135386BDA8C95C8E936BE55286C8492D7 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
14:03:52.0064 0x1c6c Lenovo Registration - ok
14:03:52.0111 0x1c6c [ E504BAAC3857F20F1D9F20EAED5E0637, 2C527925FF7EBD9F2D41E21420958A07524310F81DD1921A414D74430E13531D ] C:\Program Files (x86)\Integrated Camera\monitor.exe
14:03:52.0127 0x1c6c Integrated Camera_Monitor - ok
14:03:52.0143 0x1c6c [ 505844B5C97F8CF519DB0CF2A2E6AE1B, 57F112DA9374050D5EA3E67C6654CD29F9CC3A1B43371DA4FF423FF5682A25BB ] C:\Program Files (x86)\Mindjet\MindManager 15\MMReminderService.exe
14:03:52.0143 0x1c6c MMReminderService - ok
14:03:52.0174 0x1c6c [ CFE242C34F6DBAF1135D666A44E478C8, 46CE13A60ED54BD9C10A92042584863B623E62AE610CAE3F6AB6BFF945401317 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
14:03:52.0189 0x1c6c Cisco AnyConnect Secure Mobility Agent for Windows - ok
14:03:52.0580 0x1c6c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:03:52.0939 0x1c6c OneDriveSetup - ok
14:03:52.0971 0x1c6c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:03:52.0971 0x1c6c WAB Migrate - ok
14:03:53.0393 0x1c6c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:03:53.0689 0x1c6c OneDriveSetup - ok
14:03:53.0721 0x1c6c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:03:53.0736 0x1c6c WAB Migrate - ok
14:03:53.0768 0x1c6c [ 0E5FABACD6FC0C7D1766FF6A86F90F9A, 0E524FE27A4307ED8499A1C0D4DF1F7354BE6862085D368433F8DF7028D13803 ] C:\Users\Maren\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:03:53.0799 0x1c6c OneDrive - ok
14:03:53.0799 0x1c6c Skype - ok
14:03:53.0893 0x1c6c [ 0F07A461077941DDA25C45622C80ACD8, BF7D2F3AD62E0C653CE74D8245F1182831FE64B7FD37C81DA99581413E35E30F ] C:\Program Files (x86)\tubcloud\tubcloud.exe
14:03:53.0955 0x1c6c tubcloud - ok
14:03:54.0002 0x1c6c [ 62305D013F4E1538FA071846BD62FF52, E3DE76A994F2CCF17F443EFC928532FA6114469BC2C4B21D43B1DCE677D5D112 ] C:\Users\Maren\AppData\Local\FluxSoftware\Flux\flux.exe
14:03:54.0033 0x1c6c f.lux - ok
14:03:54.0439 0x1c6c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:03:54.0736 0x1c6c OneDriveSetup - ok
14:03:54.0767 0x1c6c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:03:54.0767 0x1c6c WAB Migrate - ok
14:03:54.0767 0x1c6c Waiting for KSN requests completion. In queue: 306
14:03:55.0830 0x1c6c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.13.17134.1 ), 0x62100 ( disabled : updated )
14:03:55.0830 0x1c6c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
14:03:55.0845 0x1c6c Win FW state via NFP2: enabled ( trusted )
14:03:55.0971 0x1c6c ============================================================
14:03:55.0971 0x1c6c Scan finished
14:03:55.0971 0x1c6c ============================================================
14:03:55.0971 0x1a38 Detected object count: 0
14:03:55.0971 0x1a38 Actual detected object count: 0
14:32:12.0517 0x19a8 ============================================================
|
|
08.08.2018, 13:49
| #17 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter 14:32:12.0517 0x19a8 Scan started
14:32:12.0517 0x19a8 Mode: Manual; SigCheck; TDLFS;
14:32:12.0517 0x19a8 ============================================================
14:32:12.0517 0x19a8 KSN ping started
14:32:12.0553 0x19a8 KSN ping finished: true
14:32:13.0245 0x19a8 ================ Scan system memory ========================
14:32:13.0245 0x19a8 System memory - ok
14:32:13.0245 0x19a8 ================ Scan services =============================
14:32:13.0285 0x19a8 1394ohci - ok
14:32:13.0285 0x19a8 3ware - ok
14:32:13.0289 0x19a8 ACPI - ok
14:32:13.0293 0x19a8 AcpiDev - ok
14:32:13.0301 0x19a8 acpiex - ok
14:32:13.0305 0x19a8 acpipagr - ok
14:32:13.0309 0x19a8 [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
14:32:13.0357 0x19a8 AcpiPmi - ok
14:32:13.0361 0x19a8 acpitime - ok
14:32:13.0373 0x19a8 [ 429052DAECD6BF6CCD462B22858B3D2A, 40F3EDE23332CCBEE8A637D099B71C0F41D328B864C8D3A7EA672E58B8069E06 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
14:32:13.0397 0x19a8 acsock - ok
14:32:13.0401 0x19a8 ADP80XX - ok
14:32:13.0409 0x19a8 AFD - ok
14:32:13.0413 0x19a8 [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
14:32:13.0433 0x19a8 afunix - ok
14:32:13.0441 0x19a8 [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:32:13.0465 0x19a8 ahcache - ok
14:32:13.0469 0x19a8 [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
14:32:13.0489 0x19a8 AJRouter - ok
14:32:13.0497 0x19a8 [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe
14:32:13.0521 0x19a8 ALG - ok
14:32:13.0525 0x19a8 AmdK8 - ok
14:32:13.0525 0x19a8 AmdPPM - ok
14:32:13.0529 0x19a8 amdsata - ok
14:32:13.0533 0x19a8 amdsbs - ok
14:32:13.0537 0x19a8 amdxata - ok
14:32:13.0545 0x19a8 [ 2CCB04097E143C7F82333863343C838C, E6A79EDDF03317BEF9B25C9FA658DF6A588DC06A9AF66338ADE31D5D29E4FB3C ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
14:32:13.0561 0x19a8 AppHostSvc - ok
14:32:13.0569 0x19a8 [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys
14:32:13.0585 0x19a8 AppID - ok
14:32:13.0593 0x19a8 [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
14:32:13.0613 0x19a8 AppIDSvc - ok
14:32:13.0621 0x19a8 [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll
14:32:13.0645 0x19a8 Appinfo - ok
14:32:13.0649 0x19a8 [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
14:32:13.0669 0x19a8 applockerfltr - ok
14:32:13.0677 0x19a8 [ 78548DB096DA7BA26BAA318FE9B0CEC1, 7B8D29C457B8677E3D4FAF0C070C373CD937E852BE28C1A8313E3E9448621E8D ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
14:32:13.0701 0x19a8 AppMgmt - ok
14:32:13.0705 0x19a8 AppReadiness - ok
14:32:13.0709 0x19a8 AppVClient - ok
14:32:13.0713 0x19a8 [ 5CD58F779237F533D5F30C294DA04C0E, 3CFEF499310AC6444369A06E604B6335D3329E1AB6E4EFBCD09BB7CA8440BB3E ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
14:32:13.0729 0x19a8 AppvStrm - ok
14:32:13.0737 0x19a8 [ A4354E3EF779E4CDC6C9D705FFBD3652, BBF11800EE6014E77C1BAA8FBFE8F551338420384E72C69579A0E8690B585D46 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
14:32:13.0753 0x19a8 AppvVemgr - ok
14:32:13.0757 0x19a8 [ 467021D15ED33D9B8CD313C7631A89B6, 18703DBB3EF3192EDFEC4A64B2BA49CBD7197B1B181C991397A2626171E22331 ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
14:32:13.0773 0x19a8 AppvVfs - ok
14:32:13.0777 0x19a8 AppXSvc - ok
14:32:13.0781 0x19a8 arcsas - ok
14:32:13.0797 0x19a8 [ 9EDC7F9BB19D3F12EB05437BD5687C8A, 182772D576C3C8A9CFDADE7F75A14DD0639C0DF5C3C345F158C2DE51708A2F76 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:32:13.0813 0x19a8 aspnet_state - ok
14:32:13.0833 0x19a8 [ 44EDBC9E6F5823D2F529113C26368A9E, DD8739523C24078B90E9B00C994C1A7793539E4C945A1F728828F48ACE608005 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
14:32:13.0865 0x19a8 AssignedAccessManagerSvc - ok
14:32:13.0869 0x19a8 AsyncMac - ok
14:32:13.0873 0x19a8 atapi - ok
14:32:13.0877 0x19a8 AudioEndpointBuilder - ok
14:32:13.0881 0x19a8 Audiosrv - ok
14:32:13.0885 0x19a8 [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
14:32:13.0905 0x19a8 AxInstSV - ok
14:32:13.0909 0x19a8 b06bdrv - ok
14:32:13.0917 0x19a8 [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys
14:32:13.0929 0x19a8 bam - ok
14:32:13.0933 0x19a8 BasicDisplay - ok
14:32:13.0937 0x19a8 BasicRender - ok
14:32:13.0945 0x19a8 BcastDVRUserService - ok
14:32:13.0949 0x19a8 bcmfn2 - ok
14:32:13.0961 0x19a8 [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
14:32:13.0989 0x19a8 BDESVC - ok
14:32:13.0993 0x19a8 [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:32:14.0021 0x19a8 Beep - ok
14:32:14.0025 0x19a8 BFE - ok
14:32:14.0029 0x19a8 [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
14:32:14.0041 0x19a8 bindflt - ok
14:32:14.0073 0x19a8 [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll
14:32:14.0149 0x19a8 BITS - ok
14:32:14.0161 0x19a8 [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
14:32:14.0201 0x19a8 BluetoothUserService - ok
14:32:14.0205 0x19a8 bowser - ok
14:32:14.0209 0x19a8 BrokerInfrastructure - ok
14:32:14.0221 0x19a8 [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser C:\WINDOWS\System32\browser.dll
14:32:14.0241 0x19a8 Browser - ok
14:32:14.0257 0x19a8 [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll
14:32:14.0293 0x19a8 BTAGService - ok
14:32:14.0309 0x19a8 [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
14:32:14.0337 0x19a8 BthAvctpSvc - ok
14:32:14.0345 0x19a8 [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:32:14.0365 0x19a8 BthEnum - ok
14:32:14.0373 0x19a8 [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
14:32:14.0393 0x19a8 BthHFEnum - ok
14:32:14.0401 0x19a8 [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
14:32:14.0421 0x19a8 BthLEEnum - ok
14:32:14.0424 0x19a8 [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
14:32:14.0445 0x19a8 BTHMODEM - ok
14:32:14.0448 0x19a8 [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
14:32:14.0473 0x19a8 BthPan - ok
14:32:14.0477 0x19a8 BTHPORT - ok
14:32:14.0485 0x19a8 [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll
14:32:14.0509 0x19a8 bthserv - ok
14:32:14.0516 0x19a8 [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
14:32:14.0532 0x19a8 BTHUSB - ok
14:32:14.0536 0x19a8 bttflt - ok
14:32:14.0540 0x19a8 buttonconverter - ok
14:32:14.0544 0x19a8 [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys
14:32:14.0560 0x19a8 CAD - ok
14:32:14.0560 0x19a8 camsvc - ok
14:32:14.0568 0x19a8 CapImg - ok
14:32:14.0572 0x19a8 [ 1200CA82E0D59510F69B6839540A76AA, A24E0098D279B04734558032A95EEBED0F20422AF8C62783E46FDEE0DA39F94E ] CaptureService C:\WINDOWS\System32\CaptureService.dll
14:32:14.0592 0x19a8 CaptureService - ok
14:32:14.0600 0x19a8 cdfs - ok
14:32:14.0616 0x19a8 [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
14:32:14.0656 0x19a8 CDPSvc - ok
14:32:14.0672 0x19a8 [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
14:32:14.0708 0x19a8 CDPUserSvc - ok
14:32:14.0716 0x19a8 cdrom - ok
14:32:14.0724 0x19a8 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
14:32:14.0752 0x19a8 CertPropSvc - ok
14:32:14.0756 0x19a8 cht4iscsi - ok
14:32:14.0760 0x19a8 cht4vbd - ok
14:32:14.0764 0x19a8 [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
14:32:14.0784 0x19a8 circlass - ok
14:32:14.0796 0x19a8 [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
14:32:14.0824 0x19a8 CldFlt - ok
14:32:14.0828 0x19a8 CLFS - ok
14:32:15.0020 0x19a8 [ 64536C6809869A967A7390CF2B588E05, AF1C8116014C108A8393A767FBA66CBF5E9AA836DC599D00B8F794460548254F ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
14:32:15.0200 0x19a8 ClickToRunSvc - ok
14:32:15.0236 0x19a8 [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
14:32:15.0272 0x19a8 ClipSVC - ok
14:32:15.0284 0x19a8 CmBatt - ok
14:32:15.0288 0x19a8 CNG - ok
14:32:15.0292 0x19a8 [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:32:15.0308 0x19a8 cnghwassist - ok
14:32:15.0320 0x19a8 [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
14:32:15.0332 0x19a8 CompositeBus - ok
14:32:15.0336 0x19a8 COMSysApp - ok
14:32:15.0340 0x19a8 condrv - ok
14:32:15.0344 0x19a8 CoreMessagingRegistrar - ok
14:32:15.0372 0x19a8 [ 6C9B2C4E3AA10A9209724A583373690B, E9F3E1B81B6C70848B334A3AE3D985F5A11C91898496D572F784DCF5EDA04A09 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:32:15.0396 0x19a8 cphs - ok
14:32:15.0404 0x19a8 CryptSvc - ok
14:32:15.0424 0x19a8 [ 87463F1AE447874675F1CBB55CBF7136, 83DB34BD3D9C335541B4A5552E51BB5388654C3B8EB06B28953859225BBF7B1D ] CSC C:\WINDOWS\system32\drivers\csc.sys
14:32:15.0460 0x19a8 CSC - ok
14:32:15.0480 0x19a8 [ E20EC7EA6EEF16B5780B459FBA86C521, 52CAAB13F1B1E99097E4996432943260417F519E6F4D232A0CFE0259C8BCAECF ] CscService C:\WINDOWS\System32\cscsvc.dll
14:32:15.0520 0x19a8 CscService - ok
14:32:15.0528 0x19a8 [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys
14:32:15.0552 0x19a8 dam - ok
14:32:15.0556 0x19a8 DcomLaunch - ok
14:32:15.0560 0x19a8 defragsvc - ok
14:32:15.0572 0x19a8 [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:32:15.0608 0x19a8 DeviceAssociationService - ok
14:32:15.0612 0x19a8 DeviceInstall - ok
14:32:15.0624 0x19a8 [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
14:32:15.0664 0x19a8 DevicePickerUserSvc - ok
14:32:15.0684 0x19a8 [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
14:32:15.0728 0x19a8 DevicesFlowUserSvc - ok
14:32:15.0736 0x19a8 [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
14:32:15.0760 0x19a8 DevQueryBroker - ok
14:32:15.0764 0x19a8 Dfsc - ok
14:32:15.0768 0x19a8 Dhcp - ok
14:32:15.0772 0x19a8 diagnosticshub.standardcollector.service - ok
14:32:15.0780 0x19a8 [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
14:32:15.0808 0x19a8 diagsvc - ok
14:32:15.0812 0x19a8 DiagTrack - ok
14:32:15.0816 0x19a8 Disk - ok
14:32:15.0820 0x19a8 DmEnrollmentSvc - ok
14:32:15.0824 0x19a8 dmvsc - ok
14:32:15.0828 0x19a8 [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:32:15.0852 0x19a8 dmwappushservice - ok
14:32:15.0856 0x19a8 Dnscache - ok
14:32:15.0868 0x19a8 [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
14:32:15.0892 0x19a8 dot3svc - ok
14:32:15.0900 0x19a8 [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll
14:32:15.0924 0x19a8 DPS - ok
14:32:15.0928 0x19a8 drmkaud - ok
14:32:15.0932 0x19a8 DsmSvc - ok
14:32:15.0936 0x19a8 DsSvc - ok
14:32:15.0948 0x19a8 [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
14:32:15.0976 0x19a8 DusmSvc - ok
14:32:15.0980 0x19a8 DXGKrnl - ok
14:32:15.0996 0x19a8 [ 4787BD0EED0E035EEA85625FB5F1F77E, B79E998CCC9D0D6D431645C87C7802AE90FE1A2522BD77EB16CDBF65F6F88507 ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d64x64.sys
14:32:16.0016 0x19a8 e1dexpress - ok
14:32:16.0020 0x19a8 Eaphost - ok
14:32:16.0024 0x19a8 ebdrv - ok
14:32:16.0028 0x19a8 EFS - ok
14:32:16.0032 0x19a8 EhStorClass - ok
14:32:16.0036 0x19a8 EhStorTcgDrv - ok
14:32:16.0044 0x19a8 [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
14:32:16.0068 0x19a8 embeddedmode - ok
14:32:16.0076 0x19a8 [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:32:16.0104 0x19a8 EntAppSvc - ok
14:32:16.0108 0x19a8 ErrDev - ok
14:32:16.0116 0x19a8 [ 082F9D1ADB6DF9E5DB30EB52A34FCF0A, DC62F2E7D81B4D3C266855A64A575563A31D894B19F23E841B6C8A552FAF81CC ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
14:32:16.0128 0x19a8 ESProtectionDriver - ok
14:32:16.0144 0x19a8 [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll
14:32:16.0180 0x19a8 EventSystem - ok
14:32:16.0184 0x19a8 exfat - ok
14:32:16.0188 0x19a8 fastfat - ok
14:32:16.0204 0x19a8 [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe
14:32:16.0244 0x19a8 Fax - ok
14:32:16.0248 0x19a8 fdc - ok
14:32:16.0256 0x19a8 [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
14:32:16.0276 0x19a8 fdPHost - ok
14:32:16.0284 0x19a8 [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
14:32:16.0308 0x19a8 FDResPub - ok
14:32:16.0316 0x19a8 [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
14:32:16.0340 0x19a8 fhsvc - ok
14:32:16.0344 0x19a8 [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
14:32:16.0364 0x19a8 FileCrypt - ok
14:32:16.0368 0x19a8 FileInfo - ok
14:32:16.0376 0x19a8 Filetrace - ok
14:32:16.0380 0x19a8 flpydisk - ok
14:32:16.0388 0x19a8 FltMgr - ok
14:32:16.0396 0x19a8 FontCache - ok
14:32:16.0400 0x19a8 FontCache3.0.0.0 - ok
14:32:16.0408 0x19a8 FrameServer - ok
14:32:16.0412 0x19a8 FsDepends - ok
14:32:16.0416 0x19a8 Fs_Rec - ok
14:32:16.0424 0x19a8 fvevol - ok
14:32:16.0428 0x19a8 [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
14:32:16.0448 0x19a8 gencounter - ok
14:32:16.0452 0x19a8 genericusbfn - ok
14:32:16.0460 0x19a8 GPIOClx0101 - ok
14:32:16.0464 0x19a8 gpsvc - ok
14:32:16.0472 0x19a8 [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:32:16.0496 0x19a8 GpuEnergyDrv - ok
14:32:16.0500 0x19a8 [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
14:32:16.0528 0x19a8 GraphicsPerfSvc - ok
14:32:16.0532 0x19a8 HDAudBus - ok
14:32:16.0540 0x19a8 HidBatt - ok
14:32:16.0548 0x19a8 [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
14:32:16.0572 0x19a8 HidBth - ok
14:32:16.0580 0x19a8 hidi2c - ok
14:32:16.0584 0x19a8 hidinterrupt - ok
14:32:16.0592 0x19a8 [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
14:32:16.0608 0x19a8 HidIr - ok
14:32:16.0616 0x19a8 hidserv - ok
14:32:16.0620 0x19a8 HidUsb - ok
14:32:16.0628 0x19a8 HpSAMD - ok
14:32:16.0632 0x19a8 HTTP - ok
14:32:16.0636 0x19a8 [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
14:32:16.0652 0x19a8 hvcrash - ok
14:32:16.0656 0x19a8 [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
14:32:16.0672 0x19a8 HvHost - ok
14:32:16.0676 0x19a8 [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
14:32:16.0692 0x19a8 hvservice - ok
14:32:16.0696 0x19a8 [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
14:32:16.0716 0x19a8 HwNClx0101 - ok
14:32:16.0720 0x19a8 hwpolicy - ok
14:32:16.0724 0x19a8 hyperkbd - ok
14:32:16.0728 0x19a8 HyperVideo - ok
14:32:16.0732 0x19a8 i8042prt - ok
14:32:16.0736 0x19a8 iagpio - ok
14:32:16.0740 0x19a8 iai2c - ok
14:32:16.0740 0x19a8 iaLPSS2i_GPIO2 - ok
14:32:16.0748 0x19a8 iaLPSS2i_GPIO2_BXT_P - ok
14:32:16.0748 0x19a8 iaLPSS2i_I2C - ok
14:32:16.0756 0x19a8 iaLPSS2i_I2C_BXT_P - ok
14:32:16.0756 0x19a8 iaLPSSi_GPIO - ok
14:32:16.0760 0x19a8 iaLPSSi_I2C - ok
14:32:16.0780 0x19a8 [ 8BE099617DA18FE085A40D47FC156B1B, A5F7AB41D32DF8A12F1945C263EE954CE15069C3CFD7131C74A8A3F4EC3AC122 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
14:32:16.0804 0x19a8 iaStorA - ok
14:32:16.0808 0x19a8 iaStorAVC - ok
14:32:16.0812 0x19a8 iaStorV - ok
14:32:16.0820 0x19a8 ibbus - ok
14:32:16.0828 0x19a8 [ DB706D75DADEA0ED1D939C3FC7508AF9, B3F6535422B6AFD83B9DAF661988293511BA33D8472D756232047F310E56B571 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
14:32:16.0844 0x19a8 IBMPMDRV - ok
14:32:16.0852 0x19a8 [ 9E60D9F0E66480EF6D3355BD1FD20127, 3D24F4CB628E362EA2A975D8DED9CD930974E885BA70E19E7EAC069EEB7CBC53 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
14:32:16.0864 0x19a8 IBMPMSVC - ok
14:32:16.0868 0x19a8 ibtsiva - ok
14:32:16.0876 0x19a8 [ EAD6C953C40FC06E8E56182D9C27C480, E1DF45FF871B0A777A37702A5EF2379164DDD646D294F4520379979B7BD23B3F ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
14:32:16.0896 0x19a8 ibtusb - ok
14:32:16.0908 0x19a8 [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll
14:32:16.0940 0x19a8 icssvc - ok
14:32:17.0100 0x19a8 [ F474A11DD1F5DFA3A37945DB495B2D01, 2F6DCEF674A9507C8FC37F0876C5F7AA70A55F3DE3A7D985BFC9E488D3A0EC8E ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:32:17.0264 0x19a8 igfx - ok
14:32:17.0284 0x19a8 [ 880C59EFB0042BE63F026FF3A468D968, 24244627C8F7374E7BA4F3868F19933D6AA7DD31AF1316520ACA0553FEEF5428 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:32:17.0308 0x19a8 igfxCUIService2.0.0.0 - ok
14:32:17.0316 0x19a8 IKEEXT - ok
14:32:17.0320 0x19a8 [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
14:32:17.0340 0x19a8 IndirectKmd - ok
14:32:17.0348 0x19a8 InstallService - ok
14:32:17.0436 0x19a8 [ 51B3BD768A5EE43A94E8B6B157F4F9E1, 90D87B91F144892FEF79CB140F95BDCD8DC8895FD87A3C9E00B14E0B0C4A3E91 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:32:17.0532 0x19a8 IntcAzAudAddService - ok
14:32:17.0556 0x19a8 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:32:17.0576 0x19a8 IntcDAud - ok
14:32:17.0596 0x19a8 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:32:17.0624 0x19a8 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:32:17.0628 0x19a8 Detect skipped due to KSN trusted
14:32:17.0628 0x19a8 Intel(R) Capability Licensing Service Interface - ok
14:32:17.0644 0x19a8 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:32:17.0672 0x19a8 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:32:17.0684 0x19a8 intelide - ok
14:32:17.0708 0x19a8 [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
14:32:17.0744 0x19a8 intelpep - ok
14:32:17.0748 0x19a8 intelppm - ok
14:32:17.0760 0x19a8 [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
14:32:17.0780 0x19a8 iorate - ok
14:32:17.0788 0x19a8 [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:32:17.0828 0x19a8 IpFilterDriver - ok
14:32:17.0848 0x19a8 [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
14:32:17.0916 0x19a8 iphlpsvc - ok
14:32:17.0924 0x19a8 IPMIDRV - ok
14:32:17.0936 0x19a8 [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
14:32:17.0980 0x19a8 IPNAT - ok
14:32:17.0988 0x19a8 [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
14:32:18.0008 0x19a8 IPT - ok
14:32:18.0016 0x19a8 [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
14:32:18.0040 0x19a8 IpxlatCfgSvc - ok
14:32:18.0048 0x19a8 [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys
14:32:18.0068 0x19a8 irda - ok
14:32:18.0072 0x19a8 [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
14:32:18.0092 0x19a8 IRENUM - ok
14:32:18.0096 0x19a8 [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll
14:32:18.0116 0x19a8 irmon - ok
14:32:18.0124 0x19a8 isapnp - ok
14:32:18.0128 0x19a8 iScsiPrt - ok
14:32:18.0132 0x19a8 ItSas35i - ok
14:32:18.0140 0x19a8 [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
14:32:18.0152 0x19a8 iwdbus - ok
14:32:18.0164 0x19a8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:32:18.0176 0x19a8 jhi_service - ok
14:32:18.0180 0x19a8 kbdclass - ok
14:32:18.0184 0x19a8 kbdhid - ok
14:32:18.0188 0x19a8 kdnic - ok
14:32:18.0192 0x19a8 KeyIso - ok
14:32:18.0196 0x19a8 KSecDD - ok
14:32:18.0200 0x19a8 KSecPkg - ok
14:32:18.0208 0x19a8 ksthunk - ok
14:32:18.0220 0x19a8 [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
14:32:18.0256 0x19a8 KtmRm - ok
14:32:18.0260 0x19a8 LanmanServer - ok
14:32:18.0264 0x19a8 LanmanWorkstation - ok
14:32:18.0284 0x19a8 [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
14:32:18.0304 0x19a8 Lenovo EasyPlus Hotspot - ok
14:32:18.0312 0x19a8 [ BB7F4D4160460511EAC00B97669D7052, F268B034708C26857D2C472871D65BFD74066B95ADCAC841E69E7BE91B9DE17F ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
14:32:18.0324 0x19a8 LENOVO.CAMMUTE - ok
14:32:18.0328 0x19a8 [ D5D33958026F3BC85ED4CDAA7090C083, 0D556266D1C0FEAC5F06A7B4B65B098F6A95D159CB3817CC314E331A3D5A9A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
14:32:18.0340 0x19a8 LENOVO.MICMUTE - ok
14:32:18.0344 0x19a8 [ E7ADA2310BD3E95E7B0647E650DA9E50, B3A5A406DF9A828A115653D32368B4C8D77532E5258844DD9EB107115FCBFB6F ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
14:32:18.0356 0x19a8 LENOVO.TPKNRSVC - ok
14:32:18.0360 0x19a8 [ 6A7AF51544418052522D3D5862022399, F752B558BDC2F5A615BDAD2BAE7DACAF9A725CB135E2BB10BFD6BA30DB79212E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
14:32:18.0376 0x19a8 LENOVO.TVTVCAM - ok
14:32:18.0380 0x19a8 [ D253E6009F05776F505F96866CCF460F, 8A39E77B4FC780BB9C6C8A892603248D87ED70255BF9BED0218BE2420B5E8C53 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:32:18.0396 0x19a8 Lenovo.VIRTSCRLSVC - ok
14:32:18.0400 0x19a8 [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
14:32:18.0423 0x19a8 lfsvc - ok
14:32:18.0432 0x19a8 [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
14:32:18.0451 0x19a8 LicenseManager - ok
14:32:18.0459 0x19a8 [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
14:32:18.0479 0x19a8 lltdio - ok
14:32:18.0487 0x19a8 [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
14:32:18.0519 0x19a8 lltdsvc - ok
14:32:18.0523 0x19a8 lmhosts - ok
14:32:18.0539 0x19a8 [ 888A1DD2EB317FAF3906E64ACEE7A1BC, 1FDEA6073F64E829A4208BECBE1DAE7FBEC19D6100B001D1A78D48A3CBF687C3 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:32:18.0555 0x19a8 LMS - ok
14:32:18.0563 0x19a8 [ 49ED6CF0E353D09942AEDF219DE335B3, EEF462B2213589170722FF8B9B085209E7765A5934789F993F00D1E072F02282 ] lnvDiscoveryWinSvc C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
14:32:18.0571 0x19a8 lnvDiscoveryWinSvc - ok
14:32:18.0583 0x19a8 [ 25F003B378E831514587DC6155781227, 7E68BED3721B9B917DDF215E572EEC4D1B30805CB8C274222450F65AA6B9D945 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
14:32:18.0599 0x19a8 LSCWinService - ok
14:32:18.0603 0x19a8 LSI_SAS - ok
14:32:18.0611 0x19a8 LSI_SAS2i - ok
14:32:18.0615 0x19a8 LSI_SAS3i - ok
14:32:18.0623 0x19a8 LSI_SSS - ok
14:32:18.0627 0x19a8 LSM - ok
14:32:18.0635 0x19a8 [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
14:32:18.0655 0x19a8 luafv - ok
14:32:18.0663 0x19a8 [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
14:32:18.0703 0x19a8 LxpSvc - ok
14:32:18.0707 0x19a8 MapsBroker - ok
14:32:18.0711 0x19a8 mausbhost - ok
14:32:18.0715 0x19a8 mausbip - ok
14:32:18.0727 0x19a8 [ F6A196A0A107406D6BA54A1A7293C67A, 862B5F7EBF8FC02B7DCE3C5F7C18FCE02FD84F1E0CE47919E3945335146B8EC1 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
14:32:18.0739 0x19a8 MBAMChameleon - ok
14:32:18.0747 0x19a8 [ 99E885018EE51F1BDDDC5228AADD873B, 657BCEA1BD0D1E06FD5496176244A814794D74D4260C50D1A57B2C7E88AD9673 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
14:32:18.0759 0x19a8 MBAMFarflt - ok
14:32:18.0767 0x19a8 [ E8F4540E13A62E1649824D4C5576EE29, A307DA9D42DCB1EE4EF83ACA7400507E56CD36269234A0EBB5C1E61EF5663581 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
14:32:18.0783 0x19a8 MBAMProtection - ok
14:32:18.0935 0x19a8 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
14:32:19.0071 0x19a8 MBAMService - ok
14:32:19.0091 0x19a8 [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
14:32:19.0103 0x19a8 MBAMSwissArmy - ok
14:32:19.0111 0x19a8 [ 912DB8F40C7D5CCB1918FFED8C1B99DB, 74D6CB2F1CBE41C74A00AE0DA8D9F7C5ACF3680445502C45C7A487CFAECB3A91 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
14:32:19.0123 0x19a8 MBAMWebProtection - ok
14:32:19.0127 0x19a8 megasas - ok
14:32:19.0131 0x19a8 megasas2i - ok
14:32:19.0135 0x19a8 megasas35i - ok
14:32:19.0139 0x19a8 megasr - ok
14:32:19.0147 0x19a8 [ 8FE46E9374DAD76ED081936DEDD3F6B0, 2CEA37D4C9BD68BCF554120FF2A6A6B6E2A5CBB48C62071D1210557CB6A1D32D ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:32:19.0159 0x19a8 MEIx64 - ok
14:32:19.0163 0x19a8 [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:32:19.0183 0x19a8 MessagingService - ok
14:32:19.0191 0x19a8 mlx4_bus - ok
14:32:19.0195 0x19a8 MMCSS - ok
14:32:19.0203 0x19a8 [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys
14:32:19.0219 0x19a8 Modem - ok
14:32:19.0223 0x19a8 [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys
14:32:19.0239 0x19a8 monitor - ok
14:32:19.0243 0x19a8 mouclass - ok
14:32:19.0247 0x19a8 mouhid - ok
14:32:19.0255 0x19a8 mountmgr - ok
14:32:19.0259 0x19a8 mpsdrv - ok
14:32:19.0263 0x19a8 mpssvc - ok
14:32:19.0271 0x19a8 [ FE4CB8E6B4852BFEC3754A454290353C, 215208FC8196C42C9FC37E81F84FD3AA883F44DCA098A7AFCBE98116F64B8A48 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
14:32:19.0291 0x19a8 MQAC - ok
14:32:19.0299 0x19a8 MRxDAV - ok
14:32:19.0303 0x19a8 mrxsmb - ok
14:32:19.0307 0x19a8 mrxsmb10 - ok
14:32:19.0315 0x19a8 mrxsmb20 - ok
14:32:19.0323 0x19a8 [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
14:32:19.0343 0x19a8 MsBridge - ok
14:32:19.0351 0x19a8 [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe
14:32:19.0379 0x19a8 MSDTC - ok
14:32:19.0383 0x19a8 Msfs - ok
14:32:19.0391 0x19a8 [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:32:19.0407 0x19a8 msgpiowin32 - ok
14:32:19.0411 0x19a8 mshidkmdf - ok
14:32:19.0415 0x19a8 [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
14:32:19.0431 0x19a8 mshidumdf - ok
14:32:19.0439 0x19a8 msisadrv - ok
14:32:19.0443 0x19a8 MSiSCSI - ok
14:32:19.0447 0x19a8 msiserver - ok
14:32:19.0451 0x19a8 MSKSSRV - ok
14:32:19.0455 0x19a8 [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
14:32:19.0475 0x19a8 MsLldp - ok
14:32:19.0479 0x19a8 [ 5048B167703E801A1C631B07532A3942, F195D27C540F8A26130E6FA948B622E2ADE3973CCDE8EB37089A32D3816F07F7 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
14:32:19.0499 0x19a8 MSMQ - ok
14:32:19.0507 0x19a8 MSPCLOCK - ok
14:32:19.0511 0x19a8 MSPQM - ok
14:32:19.0519 0x19a8 MsRPC - ok
14:32:19.0535 0x19a8 [ 234715501CF129ECD718D70FDA074C57, C2FB3ACE1CA3EB6BAB907B2452422C9C79C0BDDD6F4AF093E9F5144AE639AB83 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
14:32:19.0555 0x19a8 MsSecFlt - ok
14:32:19.0559 0x19a8 mssmbios - ok
14:32:19.0563 0x19a8 MSTEE - ok
14:32:19.0567 0x19a8 MTConfig - ok
14:32:19.0575 0x19a8 Mup - ok
14:32:19.0579 0x19a8 mvumis - ok
14:32:19.0583 0x19a8 NativeWifiP - ok
14:32:19.0607 0x19a8 [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
14:32:19.0655 0x19a8 NaturalAuthentication - ok
14:32:19.0667 0x19a8 [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
14:32:19.0695 0x19a8 NcaSvc - ok
14:32:19.0707 0x19a8 [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll
14:32:19.0739 0x19a8 NcbService - ok
14:32:19.0747 0x19a8 [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
14:32:19.0771 0x19a8 NcdAutoSetup - ok
14:32:19.0775 0x19a8 ndfltr - ok
14:32:19.0779 0x19a8 NDIS - ok
14:32:19.0787 0x19a8 [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
14:32:19.0803 0x19a8 NdisCap - ok
14:32:19.0811 0x19a8 [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:32:19.0831 0x19a8 NdisImPlatform - ok
14:32:19.0835 0x19a8 NdisTapi - ok
14:32:19.0839 0x19a8 Ndisuio - ok
14:32:19.0843 0x19a8 NdisVirtualBus - ok
14:32:19.0847 0x19a8 NdisWan - ok
14:32:19.0855 0x19a8 ndiswanlegacy - ok
14:32:19.0859 0x19a8 ndproxy - ok
14:32:19.0863 0x19a8 [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
14:32:19.0883 0x19a8 Ndu - ok
14:32:19.0891 0x19a8 NetAdapterCx - ok
14:32:19.0895 0x19a8 NetBIOS - ok
14:32:19.0903 0x19a8 NetBT - ok
14:32:19.0907 0x19a8 Netlogon - ok
14:32:19.0911 0x19a8 Netman - ok
14:32:19.0923 0x19a8 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:19.0939 0x19a8 NetMsmqActivator - ok
14:32:19.0943 0x19a8 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:19.0955 0x19a8 NetPipeActivator - ok
14:32:19.0971 0x19a8 [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
14:32:20.0007 0x19a8 netprofm - ok
14:32:20.0011 0x19a8 NetSetupSvc - ok
14:32:20.0019 0x19a8 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:20.0031 0x19a8 NetTcpActivator - ok
14:32:20.0039 0x19a8 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:20.0051 0x19a8 NetTcpPortSharing - ok
14:32:20.0055 0x19a8 netvsc - ok
14:32:20.0127 0x19a8 [ 4BE126A9829B91EDC1A4233ABC855C17, 365BB62F9C29770E69D2E5DA561A42D3BFD9B989C94BD220DDD8212D03AACF05 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\Netwbw02.sys
14:32:20.0207 0x19a8 NETwNb64 - ok
14:32:20.0231 0x19a8 [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
14:32:20.0267 0x19a8 NgcCtnrSvc - ok
14:32:20.0271 0x19a8 NgcSvc - ok
14:32:20.0279 0x19a8 NlaSvc - ok
14:32:20.0283 0x19a8 Npfs - ok
14:32:20.0287 0x19a8 npsvctrig - ok
14:32:20.0291 0x19a8 nsi - ok
14:32:20.0295 0x19a8 nsiproxy - ok
14:32:20.0303 0x19a8 Ntfs - ok
14:32:20.0307 0x19a8 Null - ok
14:32:20.0311 0x19a8 nvdimm - ok
14:32:20.0319 0x19a8 nvraid - ok
14:32:20.0323 0x19a8 nvstor - ok
14:32:20.0339 0x19a8 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:32:20.0359 0x19a8 odserv - ok
14:32:20.0367 0x19a8 [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
14:32:20.0395 0x19a8 OneSyncSvc - ok
14:32:20.0407 0x19a8 [ 44EC1C7AC8999C35DA603DE8E9E1393C, D0EF55DB094D8711C6F28934D207489FC8B85276CAF1E17C516BD5777132F49A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:32:20.0423 0x19a8 ose - ok
14:32:20.0427 0x19a8 [ 65E0500B39BA5D9F99DF63AFC261A90D, 2A7611C0C30D7092C3777BA49700C41A944677DF9E4F65F69E3E9CEC17EA4106 ] osrss C:\WINDOWS\system32\osrss.dll
14:32:20.0447 0x19a8 osrss - ok
14:32:20.0459 0x19a8 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
14:32:20.0491 0x19a8 p2pimsvc - ok
14:32:20.0507 0x19a8 [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
14:32:20.0539 0x19a8 p2psvc - ok
14:32:20.0547 0x19a8 Parport - ok
14:32:20.0551 0x19a8 partmgr - ok
14:32:20.0555 0x19a8 PcaSvc - ok
14:32:20.0559 0x19a8 pci - ok
14:32:20.0563 0x19a8 pciide - ok
14:32:20.0567 0x19a8 pcmcia - ok
14:32:20.0571 0x19a8 pcw - ok
14:32:20.0579 0x19a8 pdc - ok
14:32:20.0599 0x19a8 [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
14:32:20.0651 0x19a8 PEAUTH - ok
14:32:20.0715 0x19a8 [ 05A0A1AC00A8653B49F94381872D47E7, 75B7E616D08D6D8BD964953B5CC342E72E35D8C660E2F97BD36ADA59130169F6 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
14:32:20.0843 0x19a8 PeerDistSvc - ok
14:32:20.0851 0x19a8 percsas2i - ok
14:32:20.0859 0x19a8 percsas3i - ok
14:32:20.0887 0x19a8 [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
14:32:20.0927 0x19a8 PerfHost - ok
14:32:20.0943 0x19a8 [ E12EE66C81F7F8840BB4769BDA36FFF8, 85DFB175591A79A6F9EC4F16187D70D768CB5C1BBEFD437B544A6D9CBC275DDC ] phidmice C:\WINDOWS\system32\DRIVERS\phidmice.sys
14:32:20.0967 0x19a8 phidmice - ok
14:32:20.0975 0x19a8 PhoneSvc - ok
14:32:20.0987 0x19a8 [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:32:21.0023 0x19a8 PimIndexMaintenanceSvc - ok
14:32:21.0067 0x19a8 [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll
14:32:21.0151 0x19a8 pla - ok
14:32:21.0159 0x19a8 PlugPlay - ok
14:32:21.0163 0x19a8 pmem - ok
14:32:21.0171 0x19a8 [ FC4F75AF9082758E536569E5E4C2AF27, 31162DE85432999D0301448ECC58863BF6909295949060A2E17D232CDEE85130 ] pmouself C:\WINDOWS\system32\DRIVERS\pmouself.sys
14:32:21.0191 0x19a8 pmouself - ok
14:32:21.0195 0x19a8 [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
14:32:21.0215 0x19a8 PNPMEM - ok
14:32:21.0219 0x19a8 [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
14:32:21.0243 0x19a8 PNRPAutoReg - ok
14:32:21.0259 0x19a8 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
14:32:21.0291 0x19a8 PNRPsvc - ok
14:32:21.0299 0x19a8 PolicyAgent - ok
14:32:21.0311 0x19a8 Power - ok
14:32:21.0319 0x19a8 PptpMiniport - ok
14:32:21.0403 0x19a8 [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:32:21.0547 0x19a8 PrintNotify - ok
14:32:21.0559 0x19a8 [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
14:32:21.0587 0x19a8 PrintWorkflowUserSvc - ok
14:32:21.0599 0x19a8 Processor - ok
14:32:21.0603 0x19a8 ProfSvc - ok
14:32:21.0611 0x19a8 [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\WINDOWS\System32\drivers\psadd.sys
14:32:21.0623 0x19a8 psadd - ok
14:32:21.0631 0x19a8 [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
14:32:21.0647 0x19a8 Psched - ok
14:32:21.0659 0x19a8 [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
14:32:21.0691 0x19a8 PushToInstall - ok
14:32:21.0695 0x19a8 [ FA14FA4FCF33B9783F8317CFCCD08F49, 4AB631CD8BA56E2F5A110831AE4939B20D776AF4F1545D78F7B44FC93A081F0B ] pvendrlf C:\WINDOWS\system32\DRIVERS\pvendrlf.sys
14:32:21.0715 0x19a8 pvendrlf - ok
14:32:21.0719 0x19a8 [ 93430FFD315E5A378675EF07CBD22D68, 2C663F54BCBA208FDFC588B4D63FA5181269F820A7F099E6F388D5C92A563621 ] QuickControlMasterSvc C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
14:32:21.0731 0x19a8 QuickControlMasterSvc - ok
14:32:21.0739 0x19a8 [ 9A3B6FC0B44A200719BBF50E4DF8A557, 260D35AD9D6CDE5298F0FF574863717DC41D81D8A5A92784BB30B9998C0D706E ] QuickControlService C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
14:32:21.0755 0x19a8 QuickControlService - ok
14:32:21.0767 0x19a8 [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll
14:32:21.0799 0x19a8 QWAVE - ok
14:32:21.0807 0x19a8 [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
14:32:21.0827 0x19a8 QWAVEdrv - ok
14:32:21.0831 0x19a8 Ramdisk - ok
14:32:21.0835 0x19a8 RasAcd - ok
14:32:21.0843 0x19a8 RasAgileVpn - ok
14:32:21.0847 0x19a8 RasAuto - ok
14:32:21.0851 0x19a8 Rasl2tp - ok
14:32:21.0859 0x19a8 RasMan - ok
14:32:21.0863 0x19a8 RasPppoe - ok
14:32:21.0867 0x19a8 RasSstp - ok
14:32:21.0871 0x19a8 rdbss - ok
14:32:21.0879 0x19a8 [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
14:32:21.0895 0x19a8 rdpbus - ok
14:32:21.0903 0x19a8 RDPDR - ok
14:32:21.0915 0x19a8 [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:32:21.0927 0x19a8 RdpVideoMiniport - ok
14:32:21.0939 0x19a8 [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
14:32:21.0959 0x19a8 rdyboost - ok
14:32:21.0963 0x19a8 ReFS - ok
14:32:21.0967 0x19a8 ReFSv1 - ok
14:32:21.0983 0x19a8 [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:32:22.0015 0x19a8 RemoteAccess - ok
14:32:22.0023 0x19a8 [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:32:22.0051 0x19a8 RemoteRegistry - ok
14:32:22.0071 0x19a8 [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
14:32:22.0115 0x19a8 RetailDemo - ok
14:32:22.0127 0x19a8 [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
14:32:22.0147 0x19a8 RFCOMM - ok
14:32:22.0155 0x19a8 [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
14:32:22.0171 0x19a8 rhproxy - ok
14:32:22.0179 0x19a8 [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
14:32:22.0203 0x19a8 RmSvc - ok
14:32:22.0211 0x19a8 RpcEptMapper - ok
14:32:22.0215 0x19a8 [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:32:22.0243 0x19a8 RpcLocator - ok
14:32:22.0247 0x19a8 RpcSs - ok
14:32:22.0255 0x19a8 [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
14:32:22.0275 0x19a8 rspndr - ok
14:32:22.0295 0x19a8 [ BE7E1D29CD6DAF79EF08A24A03E10D38, 6DD736E4AFFA8C2237990C3BB2B0313A2A18A77745198F847891128A1BA4D9FD ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys
14:32:22.0323 0x19a8 RTSPER - ok
14:32:22.0327 0x19a8 [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
14:32:22.0343 0x19a8 s3cap - ok
14:32:22.0347 0x19a8 SamSs - ok
14:32:22.0351 0x19a8 sbp2port - ok
14:32:22.0363 0x19a8 [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
14:32:22.0394 0x19a8 SCardSvr - ok
14:32:22.0403 0x19a8 [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
14:32:22.0438 0x19a8 ScDeviceEnum - ok
14:32:22.0443 0x19a8 [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:32:22.0462 0x19a8 scfilter - ok
14:32:22.0486 0x19a8 [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:32:22.0546 0x19a8 Schedule - ok
14:32:22.0550 0x19a8 scmbus - ok
14:32:22.0562 0x19a8 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
14:32:22.0586 0x19a8 SCPolicySvc - ok
14:32:22.0594 0x19a8 sdbus - ok
14:32:22.0598 0x19a8 [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
14:32:22.0614 0x19a8 SDFRd - ok
14:32:22.0622 0x19a8 [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
14:32:22.0650 0x19a8 SDRSVC - ok
14:32:22.0654 0x19a8 sdstor - ok
14:32:22.0662 0x19a8 [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll
14:32:22.0682 0x19a8 seclogon - ok
14:32:22.0690 0x19a8 SecurityHealthService - ok
14:32:22.0722 0x19a8 [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
14:32:22.0786 0x19a8 SEMgrSvc - ok
14:32:22.0794 0x19a8 [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll
14:32:22.0822 0x19a8 SENS - ok
14:32:22.0826 0x19a8 Sense - ok
14:32:22.0858 0x19a8 [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:32:22.0922 0x19a8 SensorDataService - ok
14:32:22.0946 0x19a8 [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll
14:32:22.0986 0x19a8 SensorService - ok
14:32:22.0998 0x19a8 [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
14:32:23.0026 0x19a8 SensrSvc - ok
14:32:23.0030 0x19a8 SerCx - ok
14:32:23.0034 0x19a8 SerCx2 - ok
14:32:23.0038 0x19a8 Serenum - ok
14:32:23.0046 0x19a8 Serial - ok
14:32:23.0050 0x19a8 sermouse - ok
14:32:23.0070 0x19a8 [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
14:32:23.0110 0x19a8 SessionEnv - ok
14:32:23.0118 0x19a8 sfloppy - ok
14:32:23.0126 0x19a8 [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
14:32:23.0142 0x19a8 SgrmAgent - ok
14:32:23.0150 0x19a8 [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
14:32:23.0170 0x19a8 SgrmBroker - ok
14:32:23.0186 0x19a8 [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:32:23.0230 0x19a8 SharedAccess - ok
14:32:23.0250 0x19a8 [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
14:32:23.0294 0x19a8 SharedRealitySvc - ok
14:32:23.0314 0x19a8 [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:32:23.0362 0x19a8 ShellHWDetection - ok
14:32:23.0370 0x19a8 [ EF92588890C3ADEE806D6EE7E3892D99, 1B2F9A18D44B42621AE2408997657F7C6D5507980F5EC5F0DDF1876EAA42A471 ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx64.sys
14:32:23.0382 0x19a8 Shockprf - ok
14:32:23.0390 0x19a8 [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
14:32:23.0418 0x19a8 shpamsvc - ok
14:32:23.0426 0x19a8 SiSRaid2 - ok
14:32:23.0430 0x19a8 SiSRaid4 - ok
14:32:23.0442 0x19a8 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:32:23.0462 0x19a8 SkypeUpdate - ok
14:32:23.0470 0x19a8 [ C4C7316E98CFBC3F0CDAEE6968D7B9DC, 176AF4E9866E4FBB01DAB80A72BA0FE1A9AF6C55B3BF30032F5EB2F8D25EF5F3 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
14:32:23.0478 0x19a8 SmbDrvI - ok
14:32:23.0486 0x19a8 [ A02AFDFB748D0A638A09DC4B5E47B240, E14BFA930A2F04012144B475DA9A565431F804DF0BA2B7595C43BB48EFBA4883 ] SMIDriver C:\WINDOWS\system32\DRIVERS\smi.sys
14:32:23.0498 0x19a8 SMIDriver - ok
14:32:23.0506 0x19a8 smphost - ok
14:32:23.0522 0x19a8 [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
14:32:23.0566 0x19a8 SmsRouter - ok
14:32:23.0582 0x19a8 [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
14:32:23.0618 0x19a8 SNMPTRAP - ok
14:32:23.0622 0x19a8 spaceport - ok
14:32:23.0630 0x19a8 [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
14:32:23.0646 0x19a8 SpatialGraphFilter - ok
14:32:23.0650 0x19a8 SpbCx - ok
14:32:23.0658 0x19a8 spectrum - ok
14:32:23.0682 0x19a8 [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe
14:32:23.0734 0x19a8 Spooler - ok
14:32:23.0738 0x19a8 sppsvc - ok
14:32:23.0758 0x19a8 [ 97E4F8B6D113CB77CAFB9257A6C4C15B, 0F732AFB074A8E54B71673A36830657EA11828B7CFF7EC32AC2E47DE333A14F4 ] SPUVCbv C:\WINDOWS\System32\Drivers\SPUVCbv64.sys
14:32:23.0798 0x19a8 SPUVCbv - ok
14:32:23.0802 0x19a8 srv - ok
14:32:23.0810 0x19a8 srv2 - ok
14:32:23.0814 0x19a8 srvnet - ok
14:32:23.0826 0x19a8 [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:32:23.0858 0x19a8 SSDPSRV - ok
14:32:23.0874 0x19a8 [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
14:32:23.0902 0x19a8 ssh-agent - ok
14:32:23.0910 0x19a8 SstpSvc - ok
14:32:23.0914 0x19a8 StateRepository - ok
14:32:23.0918 0x19a8 stexstor - ok
14:32:23.0938 0x19a8 [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll
14:32:23.0978 0x19a8 stisvc - ok
14:32:23.0986 0x19a8 storahci - ok
14:32:23.0990 0x19a8 storflt - ok
14:32:23.0994 0x19a8 stornvme - ok
14:32:24.0002 0x19a8 storqosflt - ok
14:32:24.0006 0x19a8 StorSvc - ok
14:32:24.0014 0x19a8 storufs - ok
14:32:24.0018 0x19a8 storvsc - ok
14:32:24.0026 0x19a8 [ BC2CF20E9C24423FF8826C601104A4CC, E71D5070B7BA59CDC61D555FB9D8ADD178521FB186174CB522852522929D62D4 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
14:32:24.0034 0x19a8 SUService - ok
14:32:24.0038 0x19a8 svsvc - ok
14:32:24.0050 0x19a8 swenum - ok
14:32:24.0054 0x19a8 swprv - ok
14:32:24.0066 0x19a8 [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:32:24.0090 0x19a8 Synth3dVsc - ok
14:32:24.0114 0x19a8 [ 6F02CE00CF9B10E134FA659F9D1353E8, 26616F8CCA9E67066EC02B477BE838023AB1307D7D7DA26ED14C065E0F4AA5B2 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:32:24.0174 0x19a8 SynTP - ok
14:32:24.0190 0x19a8 [ 6CDAAEB36655B8963081C0E11BBBEE02, 3766074C780B95CA54A40FF075C08DEC3A46CECF42C1E047F3FA78C27783ED73 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
14:32:24.0210 0x19a8 SynTPEnhService - ok
14:32:24.0238 0x19a8 [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll
14:32:24.0290 0x19a8 SysMain - ok
14:32:24.0302 0x19a8 SystemEventsBroker - ok
14:32:24.0310 0x19a8 [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:32:24.0342 0x19a8 TabletInputService - ok
14:32:24.0346 0x19a8 [ 9F04EBEFACA1CB11428CD3B91782D732, F43AF03810211912A97E357DFAFDF240144197549C67256DB64674564DC9E4C1 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
14:32:24.0366 0x19a8 tap0901 - ok
14:32:24.0374 0x19a8 [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:32:24.0410 0x19a8 TapiSrv - ok
14:32:24.0418 0x19a8 Tcpip - ok
14:32:24.0422 0x19a8 Tcpip6 - ok
14:32:24.0430 0x19a8 [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
14:32:24.0450 0x19a8 tcpipreg - ok
14:32:24.0458 0x19a8 tdx - ok
14:32:24.0466 0x19a8 [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
14:32:24.0482 0x19a8 terminpt - ok
14:32:24.0510 0x19a8 [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll
14:32:24.0562 0x19a8 TermService - ok
14:32:24.0574 0x19a8 [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll
14:32:24.0598 0x19a8 Themes - ok
14:32:24.0610 0x19a8 [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:32:24.0646 0x19a8 TieringEngineService - ok
14:32:24.0654 0x19a8 TimeBrokerSvc - ok
14:32:24.0658 0x19a8 TokenBroker - ok
14:32:24.0662 0x19a8 [ A61D61672153DFF710CA33186D2C8B18, 8A126E249D1BEB66153A958ACD2C56F8DD8D0D762F0BB035E69FCC259C0A8757 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM64.sys
14:32:24.0674 0x19a8 TPDIGIMN - ok
14:32:24.0682 0x19a8 [ 40492513735AED7A4357AAEC84873027, ACBD7F5A2C90866996C7DD0B69AAF6C79AFB0546A31682D8BD9E378DE2A2375C ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG64.exe
14:32:24.0698 0x19a8 TPHDEXLGSVC - ok
14:32:24.0706 0x19a8 [ 3B4250CB21F95FFA64162389106F39BA, 2461E6D335D699F837908254FDA43C789D589FE90C9592B5B43D964CFDB43F11 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
14:32:24.0718 0x19a8 TPHKLOAD - ok
14:32:24.0722 0x19a8 [ 667EF334C512416712F14118E3382919, D59D3ED81E823A84885AA0787B020DAFBCA20303F1F5A37F37E5392C5C272F9D ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
14:32:24.0734 0x19a8 TPHKSVC - ok
14:32:24.0738 0x19a8 TPM - ok
14:32:24.0746 0x19a8 [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll
14:32:24.0770 0x19a8 TrkWks - ok
14:32:24.0774 0x19a8 TrustedInstaller - ok
14:32:24.0786 0x19a8 [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
14:32:24.0802 0x19a8 TsUsbFlt - ok
14:32:24.0806 0x19a8 [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:32:24.0822 0x19a8 TsUsbGD - ok
14:32:24.0834 0x19a8 [ 3A84A09CBC42148A0C7D00B3E82517F1, 75E609AC991C96E31F55E723925EAF9A363DC5B3324FFD4CFCB701189369D701 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
14:32:24.0854 0x19a8 tsusbhub - ok
14:32:24.0862 0x19a8 [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
14:32:24.0882 0x19a8 tunnel - ok
14:32:24.0890 0x19a8 [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
14:32:24.0922 0x19a8 tzautoupdate - ok
14:32:24.0926 0x19a8 UASPStor - ok
14:32:24.0938 0x19a8 [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
14:32:24.0958 0x19a8 UcmCx0101 - ok
14:32:24.0966 0x19a8 [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
14:32:24.0990 0x19a8 UcmTcpciCx0101 - ok
14:32:24.0994 0x19a8 [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:32:25.0018 0x19a8 UcmUcsi - ok
14:32:25.0026 0x19a8 Ucx01000 - ok
14:32:25.0030 0x19a8 UdeCx - ok
14:32:25.0034 0x19a8 udfs - ok
14:32:25.0042 0x19a8 UEFI - ok
14:32:25.0050 0x19a8 [ AD58EA78772B8163CFDE9BF671B6F8F1, E8304179B6B52B143846AEF80C7B2D577125742EA2DFF09F8AC5F37F4E28793E ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
14:32:25.0062 0x19a8 UevAgentDriver - ok
14:32:25.0090 0x19a8 [ F7E36C20DB953DFF4FDDB817904C0E48, 2C5EDE0807D8A5EC4B6E0FE0C308B37DBBDE12714FD9ADC4CE3EF4E0A5692207 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
14:32:25.0146 0x19a8 UevAgentService - ok
14:32:25.0158 0x19a8 [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
14:32:25.0178 0x19a8 Ufx01000 - ok
14:32:25.0182 0x19a8 UfxChipidea - ok
14:32:25.0190 0x19a8 ufxsynopsys - ok
14:32:25.0202 0x19a8 umbus - ok
14:32:25.0206 0x19a8 UmPass - ok
14:32:25.0222 0x19a8 [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
14:32:25.0254 0x19a8 UmRdpService - ok
14:32:25.0282 0x19a8 [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
14:32:25.0342 0x19a8 UnistoreSvc - ok
14:32:25.0362 0x19a8 [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:32:25.0398 0x19a8 upnphost - ok
14:32:25.0406 0x19a8 [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
14:32:25.0418 0x19a8 UrsChipidea - ok
14:32:25.0426 0x19a8 [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
14:32:25.0438 0x19a8 UrsCx01000 - ok
14:32:25.0446 0x19a8 [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
14:32:25.0458 0x19a8 UrsSynopsys - ok
14:32:25.0466 0x19a8 [ 524BFB402B1AB1007ED91E94D6AB6F72, 5A970292D2E7A580FAD86615BC6E66C2A5C74044EFF6C1543E928773E5B9C0F8 ] usb3Hub C:\WINDOWS\System32\drivers\usb3Hub.sys
14:32:25.0478 0x19a8 usb3Hub - ok
14:32:25.0482 0x19a8 usbccgp - ok
14:32:25.0490 0x19a8 [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
14:32:25.0510 0x19a8 usbcir - ok
14:32:25.0514 0x19a8 usbehci - ok
14:32:25.0522 0x19a8 usbhub - ok
14:32:25.0526 0x19a8 USBHUB3 - ok
14:32:25.0530 0x19a8 usbohci - ok
14:32:25.0538 0x19a8 [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
14:32:25.0554 0x19a8 usbprint - ok
14:32:25.0558 0x19a8 usbser - ok
14:32:25.0562 0x19a8 USBSTOR - ok
14:32:25.0566 0x19a8 usbuhci - ok
14:32:25.0574 0x19a8 USBXHCI - ok
14:32:25.0622 0x19a8 [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
14:32:25.0702 0x19a8 UserDataSvc - ok
14:32:25.0722 0x19a8 UserManager - ok
14:32:25.0730 0x19a8 UsoSvc - ok
14:32:25.0750 0x19a8 [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll
14:32:25.0782 0x19a8 VacSvc - ok
14:32:25.0790 0x19a8 [ D46604714C0BE35D0298514B2E4A7B34, 3EEFF41D198C92CC4CD8974C6575839D89A2139B64C8B08D10FB516660A2F7BD ] valWBFPolicyService C:\WINDOWS\system32\valWBFPolicyService.exe
14:32:25.0818 0x19a8 valWBFPolicyService - ok
14:32:25.0826 0x19a8 [ 151F02D8A7E5CB7765E7C2BA5B0AD1D4, B7A3D233046510FEC6866020490B14B3A544BFC82A14D457FBD6D821E20635D5 ] valWbioSyncSvc C:\WINDOWS\system32\valWbioSyncSvc.exe
14:32:25.0846 0x19a8 valWbioSyncSvc - ok
14:32:25.0854 0x19a8 VaultSvc - ok
14:32:25.0858 0x19a8 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\WINDOWS\System32\drivers\VClone.sys
14:32:25.0874 0x19a8 VClone - ok
14:32:25.0878 0x19a8 vdrvroot - ok
14:32:25.0886 0x19a8 vds - ok
14:32:25.0890 0x19a8 VerifierExt - ok
14:32:25.0894 0x19a8 vhdmp - ok
14:32:25.0902 0x19a8 vhf - ok
14:32:25.0910 0x19a8 vmbus - ok
14:32:25.0918 0x19a8 VMBusHID - ok
14:32:25.0922 0x19a8 [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
14:32:25.0938 0x19a8 vmgid - ok
14:32:25.0950 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
14:32:25.0974 0x19a8 vmicguestinterface - ok
14:32:25.0986 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
14:32:26.0014 0x19a8 vmicheartbeat - ok
14:32:26.0026 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
14:32:26.0050 0x19a8 vmickvpexchange - ok
14:32:26.0062 0x19a8 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
14:32:26.0086 0x19a8 vmicrdv - ok
14:32:26.0098 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
14:32:26.0126 0x19a8 vmicshutdown - ok
14:32:26.0134 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
14:32:26.0158 0x19a8 vmictimesync - ok
14:32:26.0170 0x19a8 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
14:32:26.0198 0x19a8 vmicvmsession - ok
14:32:26.0210 0x19a8 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
14:32:26.0234 0x19a8 vmicvss - ok
14:32:26.0238 0x19a8 volmgr - ok
14:32:26.0246 0x19a8 volmgrx - ok
14:32:26.0250 0x19a8 volsnap - ok
14:32:26.0254 0x19a8 volume - ok
14:32:26.0262 0x19a8 [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
14:32:26.0274 0x19a8 vpci - ok
14:32:26.0294 0x19a8 [ 5B709509F409E43D24B4A1E59FB80F72, A138D4666425652BF750EC7AB29F348F8C5D0C3576CC13F0FBE6EFFF0F7C7931 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:32:26.0326 0x19a8 vpnagent - ok
14:32:26.0337 0x19a8 [ 1BD8D125A46369CE6C5BDC678074D18A, 8F2472508C3A658FA6BD870D9B4076283C8C02CE9B9C293194ED9592BE4CF6D9 ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys
14:32:26.0349 0x19a8 vpnva - ok
14:32:26.0353 0x19a8 vsmraid - ok
14:32:26.0361 0x19a8 VSS - ok
14:32:26.0366 0x19a8 VSTXRAID - ok
14:32:26.0369 0x19a8 vwifibus - ok
14:32:26.0377 0x19a8 vwififlt - ok
14:32:26.0382 0x19a8 vwifimp - ok
14:32:26.0385 0x19a8 W32Time - ok
14:32:26.0397 0x19a8 [ 244BA3FE721EAF5377634A4A39EB323D, A009894399149AC3442462DDB44C31E5E7012B43489E8458D48E30485763D0B9 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
14:32:26.0417 0x19a8 w3logsvc - ok
14:32:26.0433 0x19a8 [ 1C62EBBF82DE40E65B1B34D384C96403, 4BF2C51CBDD2E15669ECD6402E9DC243378D989FB0322AA41CC938766BED63FD ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:32:26.0465 0x19a8 W3SVC - ok
14:32:26.0481 0x19a8 [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
14:32:26.0521 0x19a8 WaaSMedicSvc - ok
14:32:26.0525 0x19a8 WacomPen - ok
14:32:26.0541 0x19a8 [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll
14:32:26.0577 0x19a8 WalletService - ok
14:32:26.0581 0x19a8 wanarp - ok
14:32:26.0585 0x19a8 wanarpv6 - ok
14:32:26.0593 0x19a8 [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
14:32:26.0617 0x19a8 WarpJITSvc - ok
14:32:26.0633 0x19a8 [ 1C62EBBF82DE40E65B1B34D384C96403, 4BF2C51CBDD2E15669ECD6402E9DC243378D989FB0322AA41CC938766BED63FD ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:32:26.0665 0x19a8 WAS - ok
14:32:26.0673 0x19a8 wbengine - ok
14:32:26.0677 0x19a8 WbioSrvc - ok
14:32:26.0689 0x19a8 [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
14:32:26.0705 0x19a8 wcifs - ok
14:32:26.0713 0x19a8 Wcmsvc - ok
14:32:26.0717 0x19a8 wcncsvc - ok
14:32:26.0725 0x19a8 [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
14:32:26.0745 0x19a8 wcnfs - ok
14:32:26.0749 0x19a8 [ 9BD1C97BAED4B916C95D4E107B3D9812, 722456319EBA63AC6EB21B6A99F4FC928F58AA972DF227EDF0982BC51F4DE86D ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
14:32:26.0765 0x19a8 WdBoot - ok
14:32:26.0769 0x19a8 Wdf01000 - ok
14:32:26.0781 0x19a8 [ D25D9930BFD78A09B8FD4A7504C6F57A, 9D94BC1368A73B06312ED9016482534EA64F7005C85AAB240ED619FDD19E7F4C ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
14:32:26.0809 0x19a8 WdFilter - ok
14:32:26.0817 0x19a8 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
14:32:26.0845 0x19a8 WdiServiceHost - ok
14:32:26.0849 0x19a8 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
14:32:26.0877 0x19a8 WdiSystemHost - ok
14:32:26.0885 0x19a8 wdiwifi - ok
14:32:26.0889 0x19a8 [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
14:32:26.0901 0x19a8 WdmCompanionFilter - ok
14:32:26.0909 0x19a8 [ 54E97FEADEEFF973797EB878DC0D2850, A7ABD9E8B94DA19328BB9BF498D64603C6147BE998C40A6F0F8C2E0716CBFC95 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:32:26.0925 0x19a8 WdNisDrv - ok
14:32:26.0933 0x19a8 WdNisSvc - ok
14:32:26.0941 0x19a8 [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:32:26.0969 0x19a8 WebClient - ok
14:32:26.0977 0x19a8 [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
14:32:27.0009 0x19a8 Wecsvc - ok
14:32:27.0017 0x19a8 [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
14:32:27.0041 0x19a8 WEPHOSTSVC - ok
14:32:27.0049 0x19a8 [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
14:32:27.0073 0x19a8 wercplsupport - ok
14:32:27.0081 0x19a8 WerSvc - ok
14:32:27.0097 0x19a8 [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
14:32:27.0141 0x19a8 WFDSConMgrSvc - ok
14:32:27.0145 0x19a8 WFPLWFS - ok
14:32:27.0153 0x19a8 [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
14:32:27.0177 0x19a8 WiaRpc - ok
14:32:27.0181 0x19a8 WIMMount - ok
14:32:27.0185 0x19a8 WinDefend - ok
14:32:27.0201 0x19a8 WindowsTrustedRT - ok
14:32:27.0205 0x19a8 [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
14:32:27.0225 0x19a8 WindowsTrustedRTProxy - ok
14:32:27.0229 0x19a8 WinHttpAutoProxySvc - ok
14:32:27.0237 0x19a8 WinMad - ok
14:32:27.0245 0x19a8 Winmgmt - ok
14:32:27.0253 0x19a8 [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
14:32:27.0277 0x19a8 WinNat - ok
14:32:27.0333 0x19a8 [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:32:27.0445 0x19a8 WinRM - ok
14:32:27.0461 0x19a8 [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
14:32:27.0485 0x19a8 WINUSB - ok
14:32:27.0489 0x19a8 WinVerbs - ok
14:32:27.0493 0x19a8 wisvc - ok
14:32:27.0501 0x19a8 WlanSvc - ok
14:32:27.0505 0x19a8 wlidsvc - ok
14:32:27.0541 0x19a8 [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
14:32:27.0609 0x19a8 wlpasvc - ok
14:32:27.0617 0x19a8 WmiAcpi - ok
14:32:27.0629 0x19a8 wmiApSrv - ok
14:32:27.0637 0x19a8 WMPNetworkSvc - ok
14:32:27.0649 0x19a8 [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:32:27.0673 0x19a8 Wof - ok
14:32:27.0729 0x19a8 [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
14:32:27.0801 0x19a8 workfolderssvc - ok
14:32:27.0813 0x19a8 WpcMonSvc - ok
14:32:27.0821 0x19a8 WPDBusEnum - ok
14:32:27.0825 0x19a8 [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:32:27.0841 0x19a8 WpdUpFltr - ok
14:32:27.0849 0x19a8 [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll
14:32:27.0885 0x19a8 WpnService - ok
14:32:27.0893 0x19a8 [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
14:32:27.0925 0x19a8 WpnUserService - ok
14:32:27.0933 0x19a8 ws2ifsl - ok
14:32:27.0945 0x19a8 [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll
14:32:27.0977 0x19a8 wscsvc - ok
14:32:27.0981 0x19a8 WSearch - ok
14:32:27.0989 0x19a8 wuauserv - ok
14:32:27.0997 0x19a8 [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
14:32:28.0017 0x19a8 WudfPf - ok
14:32:28.0025 0x19a8 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:32:28.0049 0x19a8 WUDFRd - ok
14:32:28.0089 0x19a8 [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
14:32:28.0161 0x19a8 WwanSvc - ok
14:32:28.0173 0x19a8 [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
14:32:28.0193 0x19a8 xbgm - ok
14:32:28.0221 0x19a8 [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
14:32:28.0281 0x19a8 XblAuthManager - ok
14:32:28.0317 0x19a8 [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
14:32:28.0385 0x19a8 XblGameSave - ok
14:32:28.0389 0x19a8 xboxgip - ok
14:32:28.0397 0x19a8 [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
14:32:28.0425 0x19a8 XboxGipSvc - ok
14:32:28.0453 0x19a8 [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
14:32:28.0529 0x19a8 XboxNetApiSvc - ok
14:32:28.0537 0x19a8 [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
14:32:28.0557 0x19a8 xinputhid - ok
14:32:28.0561 0x19a8 ================ Scan global ===============================
14:32:28.0573 0x19a8 [ Global ] - ok
14:32:28.0577 0x19a8 ================ Scan MBR ==================================
14:32:28.0577 0x19a8 [ A2CC2DB843A17BDD7414F0ED5E4FDD21 ] \Device\Harddisk0\DR0
14:32:28.0673 0x19a8 \Device\Harddisk0\DR0 - ok
14:32:28.0673 0x19a8 ================ Scan VBR ==================================
14:32:28.0673 0x19a8 [ B2606AB0598BCE8D94328D24F2A16446 ] \Device\Harddisk0\DR0\Partition1
14:32:28.0673 0x19a8 \Device\Harddisk0\DR0\Partition1 - ok
14:32:28.0677 0x19a8 [ 5289D4D71FB58748BBC6C016001A5A69 ] \Device\Harddisk0\DR0\Partition2
14:32:28.0681 0x19a8 \Device\Harddisk0\DR0\Partition2 - ok
14:32:28.0681 0x19a8 [ 3B3A08A958A13C8C63D47B47692B6774 ] \Device\Harddisk0\DR0\Partition3
14:32:28.0685 0x19a8 \Device\Harddisk0\DR0\Partition3 - ok
14:32:28.0685 0x19a8 ================ Scan generic autorun ======================
14:32:28.0685 0x19a8 SecurityHealth - ok
14:32:28.0693 0x19a8 [ 3870A4FB83F82357713AB8DB9ED1FEBD, D1669E3E066E23D69BD4E4D4ECF7D8F0247BBD2C9E69B572273715EC18FDC0C4 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
14:32:28.0705 0x19a8 BLEServicesCtrl - ok
14:32:28.0729 0x19a8 [ 29DFA4FC734C5328FFC9FEF4F71D23A0, B15F3395472A4109346196851331254BDDB6B022B7112E3D3496B5B800F6F38A ] C:\Windows\system32\igfxtray.exe
14:32:28.0749 0x19a8 IgfxTray - ok
14:32:28.0757 0x19a8 [ 08593F82008D1524079C7CEA3D7F28F4, D6FF1875593D2BFFC137F9AD91C7A77916B83631B1D0BB97FF826F77D139B892 ] C:\WINDOWS\system32\TpShocks.exe
14:32:28.0781 0x19a8 TpShocks - ok
14:32:28.0793 0x19a8 [ 4E2FED41009B0D4E10F0121290C2EE7A, A8D1267F185439D41DA3D2486B2AEF9EE4A90362C01CB863615F44FC80EE3EC9 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
14:32:28.0809 0x19a8 LENOVO.TPKNRRES - ok
14:32:28.0889 0x19a8 [ 5CA53785B469303CC02CDB44E7410F12, 2302D64E1ECB3592DD83C3E74425F273A2628589C1FD1B0269DC319256D75E76 ] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe
14:32:29.0029 0x19a8 Enhanced Performance Keyboard - detected UnsignedFile.Multi.Generic ( 1 )
14:32:29.0029 0x19a8 Detect skipped due to KSN trusted
14:32:29.0029 0x19a8 Enhanced Performance Keyboard - ok
14:32:29.0113 0x19a8 [ C8BD6D2BD6D52259C2A672A86AA26A51, B790812B7B2A6BBEAD46E78D97358F7135386BDA8C95C8E936BE55286C8492D7 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
14:32:29.0205 0x19a8 Lenovo Registration - ok
14:32:29.0245 0x19a8 [ E504BAAC3857F20F1D9F20EAED5E0637, 2C527925FF7EBD9F2D41E21420958A07524310F81DD1921A414D74430E13531D ] C:\Program Files (x86)\Integrated Camera\monitor.exe
14:32:29.0317 0x19a8 Integrated Camera_Monitor - detected UnsignedFile.Multi.Generic ( 1 )
14:32:29.0317 0x19a8 Detect skipped due to KSN trusted
14:32:29.0317 0x19a8 Integrated Camera_Monitor - ok
14:32:29.0325 0x19a8 [ 505844B5C97F8CF519DB0CF2A2E6AE1B, 57F112DA9374050D5EA3E67C6654CD29F9CC3A1B43371DA4FF423FF5682A25BB ] C:\Program Files (x86)\Mindjet\MindManager 15\MMReminderService.exe
14:32:29.0337 0x19a8 MMReminderService - ok
14:32:29.0365 0x19a8 [ CFE242C34F6DBAF1135D666A44E478C8, 46CE13A60ED54BD9C10A92042584863B623E62AE610CAE3F6AB6BFF945401317 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
14:32:29.0405 0x19a8 Cisco AnyConnect Secure Mobility Agent for Windows - ok
14:32:29.0821 0x19a8 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:32:30.0325 0x19a8 OneDriveSetup - ok
14:32:30.0353 0x19a8 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:32:30.0388 0x19a8 WAB Migrate - ok
14:32:30.0788 0x19a8 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:32:31.0212 0x19a8 OneDriveSetup - ok
14:32:31.0244 0x19a8 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:32:31.0272 0x19a8 WAB Migrate - ok
14:32:31.0312 0x19a8 [ 0E5FABACD6FC0C7D1766FF6A86F90F9A, 0E524FE27A4307ED8499A1C0D4DF1F7354BE6862085D368433F8DF7028D13803 ] C:\Users\Maren\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:32:31.0352 0x19a8 OneDrive - ok
14:32:31.0356 0x19a8 Skype - ok
14:32:31.0452 0x19a8 [ 0F07A461077941DDA25C45622C80ACD8, BF7D2F3AD62E0C653CE74D8245F1182831FE64B7FD37C81DA99581413E35E30F ] C:\Program Files (x86)\tubcloud\tubcloud.exe
14:32:31.0592 0x19a8 tubcloud - detected UnsignedFile.Multi.Generic ( 1 )
14:32:31.0592 0x19a8 Detect skipped due to KSN trusted
14:32:31.0592 0x19a8 tubcloud - ok
14:32:31.0640 0x19a8 [ 62305D013F4E1538FA071846BD62FF52, E3DE76A994F2CCF17F443EFC928532FA6114469BC2C4B21D43B1DCE677D5D112 ] C:\Users\Maren\AppData\Local\FluxSoftware\Flux\flux.exe
14:32:31.0688 0x19a8 f.lux - ok
14:32:32.0108 0x19a8 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:32:32.0544 0x19a8 OneDriveSetup - ok
14:32:32.0576 0x19a8 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
14:32:32.0612 0x19a8 WAB Migrate - ok
14:32:32.0624 0x19a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.13.17134.1 ), 0x62100 ( disabled : updated )
14:32:32.0624 0x19a8 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
14:32:32.0624 0x19a8 Win FW state via NFP2: enabled ( trusted )
14:32:32.0680 0x19a8 ============================================================
14:32:32.0680 0x19a8 Scan finished
14:32:32.0680 0x19a8 ============================================================
14:32:32.0688 0x1bf4 Detected object count: 0
14:32:32.0688 0x1bf4 Actual detected object count: 0
|
|
08.08.2018, 13:55
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? Adware/Junkware/Toolbars entfernen
__________________Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ |
|
08.08.2018, 15:01
| #19 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-07.3
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-08-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 19
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\predm
Deleted C:\Users\Maren\AppData\Local\globalUpdate
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\MaxPower
Deleted HKCU\Software\InstalledBrowserExtensions
Deleted HKLM\Software\Wow6432Node\InstalledBrowserExtensions
Deleted HKLM\Software\InstalledBrowserExtensions
Deleted HKCU\Software\Wnkey
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\omiga-plus.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\isearch.omiga-plus.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shoppingate.info
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inst.shoppingate.info
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2986 octets] - [08/08/2018 15:58:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
|
08.08.2018, 21:32
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
10.08.2018, 09:40
| #21 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-07.3
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-10-2018
# Duration: 00:00:13
# OS: Windows 10 Pro
# Scanned: 41764
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [2986 octets] - [08/08/2018 15:58:49]
AdwCleaner[C00].txt - [2925 octets] - [08/08/2018 16:00:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
|
|
10.08.2018, 09:41
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.08.2018, 09:59
| #23 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
durchgeführt von Maren (Administrator) auf MARENS-PC (10-08-2018 10:58:08)
Gestartet von C:\Users\Maren\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Geladene Profile: Maren (Verfügbare Profile: Maren & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(tubIT - IT Service Center Technische Universität Berli) C:\Program Files (x86)\tubCloud\tubcloud.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(f.lux Software LLC) C:\Users\Maren\AppData\Local\FluxSoftware\Flux\flux.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10325.20091.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10325.20091.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Users\Maren\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\adwcleaner_7.2.2 (1).exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\Maren\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [410608 2016-11-23] ()
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384344 2014-02-17] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295768 2014-05-29] (Lenovo Group Limited)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719968 2014-02-20] (SunplusIT, Inc.)
HKLM-x32\...\Run: [MMReminderService] => C:\Program Files (x86)\Mindjet\MindManager 15\MMReminderService.exe [115552 2014-09-04] (Mindjet)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1319936 2018-03-17] (Cisco Systems, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\Run: [tubcloud] => C:\Program Files (x86)\tubcloud\tubcloud.exe [4410882 2018-02-13] (tubIT - IT Service Center Technische Universität Berli)
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\Run: [f.lux] => C:\Users\Maren\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{94808385-853F-4816-9837-0B4BCF8F0B7F}: [DhcpNameServer] 130.149.7.7 193.174.75.142
Tcpip\..\Interfaces\{b31df9c8-eac3-4e78-86a8-9c7c21860314}: [DhcpNameServer] 130.149.7.7 130.149.1.70
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-4183359354-3205262827-2780192169-1000 -> DefaultScope {802A26EE-FEF8-4490-A82B-CC9DFAF9A9F6} URL =
SearchScopes: HKU\S-1-5-21-4183359354-3205262827-2780192169-1000 -> {802A26EE-FEF8-4490-A82B-CC9DFAF9A9F6} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-26] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-26] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files (x86)\Mindjet\MindManager 15\Mm8InternetExplorer.dll [2014-09-04] (Mindjet)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default [2015-01-09]
FF Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default\Extensions\abs@avira.com [2015-01-09] [Legacy] [ist nicht signiert]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-26] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default [2018-08-07]
CHR Extension: (Slides) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-01]
CHR Extension: (Docs) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-01]
CHR Extension: (Google Drive) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-05]
CHR Extension: (YouTube) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Google Search) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Sheets) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-01]
CHR Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-06-01]
CHR Extension: (MindMap) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdaeohpmcenmffofpikllphdhlkkocfa [2016-04-06]
CHR Extension: (Google Docs Offline) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-01]
CHR Extension: (Citavi Picker) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2018-06-01]
CHR Extension: (Gmail) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522928 2018-06-30] (Microsoft Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2016-11-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197464 2014-05-29] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61936 2014-06-11] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [316400 2014-06-11] (Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-06-19] (Malwarebytes)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-08-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-08-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-08-08] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-08-10] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3530176 2018-03-06] (Intel Corporation)
R3 phidmice; C:\WINDOWS\system32\DRIVERS\phidmice.sys [33048 2016-07-11] ()
R3 pmouself; C:\WINDOWS\system32\DRIVERS\pmouself.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
R3 pvendrlf; C:\WINDOWS\system32\DRIVERS\pvendrlf.sys [15032 2016-07-11] (TPMX Electronics Ltd.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74120 2018-03-17] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-08-08 15:56 - 2018-08-08 16:00 - 000000000 ____D C:\AdwCleaner
2018-08-08 14:03 - 2018-08-08 15:57 - 000359508 _____ C:\TDSSKiller.3.1.0.17_08.08.2018_14.03.37_log.txt
2018-08-07 13:52 - 2016-09-23 13:16 - 000000109 _____ C:\Users\Maren\Desktop\Online PDF Tools.url
2018-08-07 13:40 - 2018-08-07 13:40 - 000001090 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-08-07 13:40 - 2018-08-07 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-08-07 13:40 - 2018-08-07 13:40 - 000000000 ____D C:\Program Files\VS Revo Group
2018-08-07 10:42 - 2018-08-07 10:42 - 000002508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-07 10:09 - 2018-08-07 10:10 - 000071034 _____ C:\Users\Maren\Downloads\FRST.txt
2018-08-07 10:09 - 2018-08-07 10:10 - 000056345 _____ C:\Users\Maren\Downloads\Addition.txt
2018-08-07 10:08 - 2018-08-10 10:58 - 000000000 ____D C:\FRST
2018-08-07 10:08 - 2018-08-07 10:08 - 002412544 _____ (Farbar) C:\Users\Maren\Downloads\FRST64.exe
2018-08-07 10:07 - 2018-08-07 10:07 - 001773056 _____ (Farbar) C:\Users\Maren\Downloads\FRST.exe
2018-08-07 10:07 - 2018-08-07 10:07 - 001773056 _____ (Farbar) C:\Users\Maren\Downloads\FRST (1).exe
2018-08-07 09:52 - 2018-08-10 08:42 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-08-07 09:52 - 2018-08-08 16:01 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-08-07 09:52 - 2018-08-08 16:00 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-08-07 09:52 - 2018-08-07 09:52 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-07 09:52 - 2018-08-07 09:52 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-08-07 09:52 - 2018-08-07 09:52 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-07 09:52 - 2018-08-07 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-07 09:52 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-08-07 09:51 - 2018-08-07 09:51 - 078906944 _____ (Malwarebytes ) C:\Users\Maren\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.6223.exe
2018-08-07 09:51 - 2018-08-07 09:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-07 09:51 - 2018-08-07 09:51 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-07 09:43 - 2018-08-07 09:43 - 000000000 ____D C:\Users\Maren\Downloads\TS Recommended Apps
2018-08-07 09:43 - 2018-08-07 09:43 - 000000000 ____D C:\Users\Maren\AppData\Roaming\Opera Software
2018-08-07 09:43 - 2018-08-07 09:43 - 000000000 ____D C:\Users\Maren\AppData\Local\Opera Software
2018-08-07 09:40 - 2018-08-07 09:40 - 000000000 ____D C:\WINDOWS\Tasks\360Disabled
2018-08-07 09:39 - 2018-08-07 13:42 - 000000000 ____D C:\ProgramData\360Quarant
2018-08-07 09:38 - 2018-08-07 14:48 - 000000000 ____D C:\360SANDBOX
2018-08-07 09:38 - 2018-08-07 09:39 - 000000000 ____D C:\Users\Maren\AppData\Roaming\360DrvMgr
2018-08-07 09:36 - 2018-08-07 09:37 - 078508616 _____ C:\Users\Maren\Downloads\360TS_Setup.exe
2018-08-07 09:36 - 2018-08-07 09:36 - 001531456 _____ (Qihoo 360 Technology Co. Ltd.) C:\Users\Maren\Downloads\360TS_Setup_Mini.exe
2018-08-07 09:13 - 2018-08-07 09:13 - 000026479 _____ C:\Users\Maren\Downloads\Mona-Lite.zip
2018-08-07 09:09 - 2018-08-07 09:09 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-08-06 09:08 - 2018-08-06 09:08 - 000070153 _____ C:\Users\Maren\Downloads\peer assessment form.xlsx
2018-08-03 11:09 - 2018-08-03 11:09 - 005708736 _____ (Cisco Systems, Inc.) C:\Users\Maren\Downloads\anyconnect-win-4.6.00362-core-vpn-webdeploy-k9 (1).exe
2018-08-03 10:59 - 2018-08-03 10:59 - 000051935 _____ C:\Users\Maren\Desktop\MNCCC Results.pdf
2018-08-02 10:13 - 2018-08-02 10:13 - 000000000 ____D C:\Users\Maren\.cisco
2018-08-01 16:49 - 2018-08-01 16:49 - 000038977 _____ C:\Users\Maren\Desktop\Results CC July 2018.pdf
2018-08-01 16:25 - 2018-08-06 09:13 - 000038114 _____ C:\Users\Maren\Desktop\Results TMC July.pdf
2018-08-01 10:37 - 2018-08-01 10:37 - 000000000 ____D C:\Users\Maren\AppData\Local\Cisco
2018-08-01 10:37 - 2018-08-01 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2018-08-01 10:37 - 2018-08-01 10:37 - 000000000 ____D C:\ProgramData\Cisco
2018-08-01 10:37 - 2018-08-01 10:37 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-08-01 10:37 - 2018-03-17 22:10 - 000262096 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2018-08-01 10:06 - 2018-08-01 10:06 - 005708736 _____ (Cisco Systems, Inc.) C:\Users\Maren\Downloads\anyconnect-win-4.6.00362-core-vpn-webdeploy-k9.exe
2018-08-01 10:05 - 2018-08-01 10:05 - 000000000 ____D C:\Users\Maren\OpenVPN
2018-08-01 10:02 - 2018-08-01 10:02 - 001540104 _____ (CHIP Digital GmbH) C:\Users\Maren\Downloads\OpenVPN - CHIP-Installer.exe
2018-07-26 11:26 - 2018-07-26 11:26 - 000131686 _____ C:\Users\Maren\Desktop\Ausschreibung EIM_2018_04.pdf
2018-07-26 10:57 - 2018-07-06 13:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-26 10:57 - 2018-07-06 09:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-26 10:57 - 2018-07-06 09:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-26 10:57 - 2018-07-06 09:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-26 10:56 - 2018-07-06 16:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-26 10:56 - 2018-07-06 16:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-26 10:56 - 2018-07-06 16:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-26 10:56 - 2018-07-06 16:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-26 10:56 - 2018-07-06 16:15 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-07-26 10:56 - 2018-07-06 16:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-26 10:56 - 2018-07-06 15:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-26 10:56 - 2018-07-06 15:53 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-07-26 10:56 - 2018-07-06 15:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-26 10:56 - 2018-07-06 15:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-26 10:56 - 2018-07-06 15:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-26 10:56 - 2018-07-06 15:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-26 10:56 - 2018-07-06 15:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-26 10:56 - 2018-07-06 15:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-26 10:56 - 2018-07-06 15:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-26 10:56 - 2018-07-06 15:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-26 10:56 - 2018-07-06 15:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-26 10:56 - 2018-07-06 15:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-26 10:56 - 2018-07-06 15:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-26 10:56 - 2018-07-06 15:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-26 10:56 - 2018-07-06 14:12 - 001539000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-07-26 10:56 - 2018-07-06 14:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-26 10:56 - 2018-07-06 13:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-26 10:56 - 2018-07-06 13:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-26 10:56 - 2018-07-06 13:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-26 10:56 - 2018-07-06 13:53 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-07-26 10:56 - 2018-07-06 13:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-26 10:56 - 2018-07-06 13:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-26 10:56 - 2018-07-06 13:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-26 10:56 - 2018-07-06 13:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-26 10:56 - 2018-07-06 13:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-26 10:56 - 2018-07-06 13:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-26 10:56 - 2018-07-06 13:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-26 10:56 - 2018-07-06 13:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-26 10:56 - 2018-07-06 09:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-26 10:56 - 2018-07-06 09:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-26 10:56 - 2018-07-06 09:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-26 10:56 - 2018-07-06 09:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-26 10:56 - 2018-07-06 09:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-26 10:56 - 2018-07-06 09:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-26 10:56 - 2018-07-06 09:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-26 10:56 - 2018-07-06 09:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-26 10:56 - 2018-07-06 09:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-26 10:56 - 2018-07-06 09:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-26 10:56 - 2018-07-06 09:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-26 10:56 - 2018-07-06 09:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-26 10:56 - 2018-07-06 09:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-26 10:56 - 2018-07-06 09:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-26 10:56 - 2018-07-06 09:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-26 10:56 - 2018-07-06 09:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-26 10:56 - 2018-07-06 09:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-26 10:56 - 2018-07-06 09:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-26 10:56 - 2018-07-06 09:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-26 10:56 - 2018-07-06 09:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-26 10:56 - 2018-07-06 09:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-26 10:56 - 2018-07-06 09:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-26 10:56 - 2018-07-06 09:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-26 10:56 - 2018-07-06 09:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-26 10:56 - 2018-07-06 09:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-26 10:56 - 2018-07-06 09:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-26 10:56 - 2018-07-06 09:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-26 10:56 - 2018-07-06 09:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-26 10:56 - 2018-07-06 09:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-26 10:56 - 2018-07-06 09:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-26 10:56 - 2018-07-06 09:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-26 10:56 - 2018-07-06 09:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-26 10:56 - 2018-07-06 09:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-26 10:56 - 2018-07-06 09:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-26 10:56 - 2018-07-06 09:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-26 10:56 - 2018-07-06 09:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-26 10:56 - 2018-07-06 09:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-26 10:56 - 2018-07-06 09:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-26 10:56 - 2018-07-06 08:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-26 10:56 - 2018-07-06 08:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-26 10:56 - 2018-07-06 08:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-26 10:56 - 2018-07-06 08:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-26 10:56 - 2018-07-06 08:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-26 10:56 - 2018-07-06 08:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-26 10:56 - 2018-07-06 08:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-26 10:56 - 2018-07-06 08:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-26 10:56 - 2018-07-06 08:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-26 10:56 - 2018-07-06 08:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-26 10:56 - 2018-07-06 08:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-26 10:56 - 2018-07-06 08:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-26 10:56 - 2018-07-06 07:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-26 10:56 - 2018-06-29 06:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-26 10:56 - 2018-05-20 13:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-08-10 10:57 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-10 10:46 - 2018-07-05 10:41 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9ADD2EDD-582D-4A4C-A6FF-618930A502CB}
2018-08-10 10:42 - 2018-06-05 09:33 - 000000000 ____D C:\Users\Maren\tubCloud
2018-08-10 10:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-10 08:52 - 2015-12-15 11:35 - 000000000 ____D C:\Users\Maren\AppData\Local\Comms
2018-08-10 08:41 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-10 08:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-10 08:41 - 2016-04-07 13:35 - 000000000 ____D C:\Users\Maren\AppData\Local\tubCloud
2018-08-10 08:40 - 2016-09-28 03:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-10 08:40 - 2015-10-13 10:01 - 000000000 __SHD C:\Users\Maren\IntelGraphicsProfiles
2018-08-08 16:05 - 2018-07-05 10:41 - 001961334 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-08 16:05 - 2018-04-12 18:14 - 000819490 _____ C:\WINDOWS\system32\perfh007.dat
2018-08-08 16:05 - 2018-04-12 18:14 - 000176236 _____ C:\WINDOWS\system32\perfc007.dat
2018-08-08 16:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-08 16:00 - 2018-07-05 10:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-08 16:00 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-08 16:00 - 2016-09-28 03:51 - 000000000 ____D C:\ProgramData\Synaptics
2018-08-08 12:07 - 2014-10-13 06:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-07 15:10 - 2018-07-05 10:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-07 13:50 - 2015-01-09 11:27 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-07 13:45 - 2014-10-13 07:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-08-07 11:02 - 2018-06-01 15:16 - 000000000 ____D C:\Users\Maren\AppData\Local\Packages
2018-08-07 10:42 - 2018-07-05 11:05 - 000002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-07 10:42 - 2018-07-05 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-08-07 10:30 - 2018-07-05 10:30 - 000424264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-03 09:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-08-03 09:56 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-03 09:37 - 2018-07-05 10:58 - 000000000 ____D C:\ProgramData\Packages
2018-08-02 10:13 - 2018-07-05 10:35 - 000000000 ____D C:\Users\Maren
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-26 18:23 - 2018-04-12 18:18 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-26 18:23 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-26 18:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-26 18:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-26 18:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-26 11:02 - 2015-10-14 11:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-26 11:01 - 2015-10-14 11:56 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-26 10:58 - 2018-07-05 10:41 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4183359354-3205262827-2780192169-1000
2018-07-26 10:58 - 2018-07-05 10:35 - 000002398 _____ C:\Users\Maren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-26 10:58 - 2015-10-13 10:03 - 000000000 ___RD C:\Users\Maren\OneDrive
2018-07-26 10:52 - 2014-10-13 07:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-26 10:46 - 2018-06-01 10:43 - 000002171 _____ C:\Users\Maren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-09-01 10:18 - 2014-09-01 10:18 - 000001248 _____ () C:\Users\Maren\AppData\Roaming\XAPBH
2015-01-09 12:02 - 2015-01-09 12:02 - 000301608 _____ (VuuPC Limited) C:\Users\Maren\AppData\Local\nslA2EB.tmp
Einige Dateien in TEMP:
====================
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874335484.dll
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874335562.dll
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874337871.dll
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874337949.dll
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874343114.dll
2018-08-07 09:43 - 2018-08-07 09:43 - 001853440 _____ (Opera Software) C:\Users\Maren\AppData\Local\Temp\Opera_installer_2018874353766.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-07-05 10:30
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von Maren (10-08-2018 10:58:46)
Gestartet von C:\Users\Maren\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Pro Version 1803 17134.165 (X64) (2018-07-05 08:41:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4183359354-3205262827-2780192169-500 - Administrator - Disabled)
Conny (S-1-5-21-4183359354-3205262827-2780192169-1002 - Administrator - Enabled)
DefaultAccount (S-1-5-21-4183359354-3205262827-2780192169-503 - Limited - Disabled)
Gast (S-1-5-21-4183359354-3205262827-2780192169-501 - Limited - Disabled)
Maren (S-1-5-21-4183359354-3205262827-2780192169-1000 - Administrator - Enabled) => C:\Users\Maren
WDAGUtilityAccount (S-1-5-21-4183359354-3205262827-2780192169-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.51.01 - )
ATLAS.ti (HKLM-x32\...\{F1F3E0FB-5468-4D2E-B09C-F0D166F2A097}) (Version: 7.5.12.0 - ATLAS.ti Scientific Software Development GmbH)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.6.00362 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{511F072A-BBE3-4BE8-92BF-6C497DB76179}) (Version: 4.6.00362 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.5.0.7 - Swiss Academic Software)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.16 - NCH Software)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Efficient Elements for presentations - Standard Edition (HKLM-x32\...\{3BE2353C-8010-4641-978F-33DC1D65024E}) (Version: 2.1.3100.1 - Efficient Elements GmbH)
f.lux (HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\Flux) (Version: - f.lux Software LLC)
Foxit PhantomPDF Standard (HKLM-x32\...\{86848256-DF08-4F3D-A32D-37151AA16510}) (Version: 7.3.4.311 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.41 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{78091D68-706D-4893-B287-9F1DFB24F7AF}) (Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{18ec79fd-8f83-4e12-bfa5-80c9872cc56b}) (Version: 20.40.0 - Intel Corporation)
KONICA MINOLTA Universal PCL (HKLM\...\KONICA MINOLTA Universal PCL) (Version: - KONICA MINOLTA)
KONICA MINOLTA Universal PCL5 (HKLM\...\KONICA MINOLTA Universal PCL5) (Version: - KONICA MINOLTA)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - )
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.20 - Lenovo Group Limited)
Lenovo QuickDisplay (HKLM\...\{ADEEC90C-A033-4596-ACA1-97327055F9CB}) (Version: 1.2.6.0 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.9126.2259 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mindjet MindManager 15 (HKLM-x32\...\{EF825A4F-DB90-4942-AF8E-3859BEE4B28D}) (Version: 15.0.160 - Mindjet)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7509 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics)
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
tubCloud (HKLM-x32\...\tubCloud) (Version: 2.3.3.1 - tubIT - IT Service Center Technische Universität Berli)
Universal PS x64 Multi-Lingual driver (HKLM\...\{A59333D1-C58A-4978-9835-F1C47521AF0C}) (Version: 2.51.6.0 - KONICA MINOLTA)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - Intel (e1dexpress) Net (03/13/2014 12.11.77.1) (HKLM\...\0E9686B99C91E380CCB49060633DCDE5ED79DE7E) (Version: 03/13/2014 12.11.77.1 - Intel)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System (04/07/2014 18.0.7.40) (HKLM\...\FB2627FE59EA6DAD058B4A4C82647DC162F8723D) (Version: 04/07/2014 18.0.7.40 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/07/2014 18.0.7.40) (HKLM\...\5879A8A324E612CD4CB110632BF1186381FA46F0) (Version: 04/07/2014 18.0.7.40 - Synaptics)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\tubCloud\shellext\OCOverlays_x64.dll [2018-02-13] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\tubCloud\shellext\OCOverlays_x64.dll [2018-02-13] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\tubCloud\shellext\OCOverlays_x64.dll [2018-02-13] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\tubCloud\shellext\OCOverlays_x64.dll [2018-02-13] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\tubCloud\shellext\OCOverlays_x64.dll [2018-02-13] (ownCloud Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\tubCloud\shellext\OCContextMenu_x64.dll [2018-02-13] (ownCloud Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06C8EBBF-4318-409E-9091-52A3068C0792} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {08C86B3A-3ED9-485A-943F-D31F9EA813C1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {10D7A6A9-7F02-400C-9679-2BAC3219AB18} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1500F7F9-F12A-4F52-BFCD-7ABE98013134} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {216F3877-796F-41B7-8731-5216C29D217C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {2D9DEEBE-6D7F-439E-8E7A-D47132E483A1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32453644-476E-4589-A25E-509843473D4E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {43039C55-D9FC-44AB-9D14-5AF3626497DF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {466F0375-5D6A-44B6-8CEB-5BB1EBF4056E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B764C63-3BE2-4204-BB5A-29E30708AFCF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {4F5019ED-9766-4389-BF46-4B493BC253D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5203615E-B77E-49C1-ABA9-BE4E96225096} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {522A78EC-47FE-4547-8B27-A37B4BA3BE09} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-07-26] (Microsoft Corporation)
Task: {5EAF4052-3B67-41FD-8E61-BEE3EA17914A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {66146000-6C08-410F-A5C4-41AB3A76C2C6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-26] (Microsoft Corporation)
Task: {66511542-EBA3-4AE7-940F-4C845DB8E342} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {69EF209B-FBFB-41EB-9A8C-C73A1B21F1E5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {6AC5441D-AA42-4481-A54A-CF8D9256D37F} - System32\Tasks\XAPBH => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
Task: {70F56458-73E3-4C0C-BB6E-9CC05B54FBD8} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {73299B27-5488-4201-827C-D1B0A844F094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {802901A7-DCAE-4DE3-9877-BB4C3F082F3B} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {838A9490-A03B-4F24-A1EC-9B7BB786D06F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {8586ACD4-DD9C-4FFD-9CF3-E4AA0F9DAF66} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {86D4781B-9E87-4AC8-BB6F-2E2458A0F0E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {88064B24-61C7-4C59-AC1D-434070278B56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8830008A-47B6-4DFE-A126-EE8710DD2F5E} - System32\Tasks\TVT\Lenovo QuickDisplay Agent => C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe [2014-03-26] (Lenovo Corporation)
Task: {88AC9A65-C6DC-4A7B-8AAA-ED04B3BAD7E6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {8F86F9C7-A92F-4EB4-9A04-ECB17DC80DE3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9035CF05-B292-43DC-A4BA-8CFC2265B32A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {93064AA4-3A3A-4686-A9EF-356626707892} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-26] (Microsoft Corporation)
Task: {9604AF26-8D01-4386-80B1-5046EE606AC9} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9AAB0C2D-F5AC-4775-876F-4B81ABE398F1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D36979E-8C3F-4DAC-839B-9401355D4A05} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9ED19A99-E0F9-4BF9-90E3-36D7999E1992} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-19] (Realtek Semiconductor)
Task: {A7E86528-57E9-487A-8957-E105C950844E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-19] (Realtek Semiconductor)
Task: {A98E3A25-C070-4B66-887C-307CECC064CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B40D3645-B937-4926-BD21-B585BE823DF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B44916B3-F421-47EC-9A3F-A21AA836F1C4} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {B4A5CA0F-004B-437E-AE69-7F3E04BADBF1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC6390FC-6DD2-448D-8F72-3574B0E7C95F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {BE8A6704-C3F3-482D-A377-D0CDE2DD77B6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C274E1B9-3050-41EE-A0CE-240B37052C42} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CA4EE7F2-25F4-4A89-9E42-3B1DD8DCF07D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation)
Task: {CC257394-E6D2-4FD4-A25B-FC2B2D79DCD1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D0F06F54-DB5A-4DFD-BA45-34B8AE6211FE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {D121D24F-4C0E-4B2E-8FC7-BABA98A1AD87} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD9B4A57-C1C4-4218-AED5-5C51808A5BDF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E174044A-BA32-4993-B3D1-077DE49A510D} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {E29829ED-F8B2-43A0-B4B5-B5D4A269FCA0} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {E2A6B180-B23B-4A94-AB99-4EF177A68A78} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E64F1332-4C3A-4085-9B61-BDF5A8F78CE7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E79AB04D-3C79-4CE6-A07D-8CBEF9114C3D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB8CE054-F96D-4EA8-9F7C-8FC5D25C0254} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F2B00796-43CC-4B57-AC35-9CD5403FE52E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-26] (Microsoft Corporation)
Task: {F4760AB2-FAD7-4ABC-A2A8-8D67BAB646A7} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-19] (Realtek Semiconductor)
Task: {F9B000F6-C114-4749-8BAC-A537FDE3A055} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-04-26] (Lenovo)
Task: {FB400723-1134-422B-84B3-722C4FC78F48} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FFB27EEE-61A6-4067-A35C-361AC3F20357} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\XAPBH.job => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Maren\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-08-07 09:52 - 2018-06-18 13:32 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-07 09:52 - 2018-07-03 12:59 - 002535120 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-11-23 01:41 - 2016-11-23 01:41 - 000410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-13 14:56 - 2018-02-13 14:56 - 000061952 _____ () C:\Program Files (x86)\tubCloud\shellext\OCUtil_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-26 10:56 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-26 10:51 - 2018-07-26 10:51 - 032597504 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-07-26 10:51 - 2018-07-26 10:51 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-26 10:51 - 2018-07-26 10:51 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-06-01 10:51 - 2018-06-01 10:52 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-06-01 10:49 - 2018-06-01 10:50 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-26 10:51 - 2018-07-26 10:51 - 008903680 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-06-01 10:51 - 2018-06-01 10:52 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18061.11811.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2018-07-26 10:53 - 2018-07-26 10:53 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-26 10:53 - 2018-07-26 10:53 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-30 15:20 - 2018-07-30 15:21 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-30 15:20 - 2018-07-30 15:21 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-04 09:54 - 2018-06-04 09:55 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-04 09:54 - 2018-06-04 09:55 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-06-04 09:54 - 2018-06-04 09:55 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-07-30 15:20 - 2018-07-30 15:21 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-30 15:20 - 2018-07-30 15:20 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-06-04 09:54 - 2018-06-04 09:55 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 10:53 - 2018-07-26 10:53 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-30 15:20 - 2018-07-30 15:21 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-30 15:20 - 2018-07-30 15:21 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-08-01 10:00 - 2018-08-01 10:00 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-08-01 10:00 - 2018-08-01 10:00 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-01 10:00 - 2018-08-01 10:00 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-08-01 10:00 - 2018-08-01 10:00 - 001399960 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10325.20091.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-07-26 10:54 - 2018-07-26 10:54 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-03-17 22:55 - 2018-03-17 22:55 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system.dll
2018-03-17 22:55 - 2018-03-17 22:55 - 000062464 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time.dll
2018-03-17 22:56 - 2018-03-17 22:56 - 000108032 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread.dll
2018-03-17 22:56 - 2018-03-17 22:56 - 000043008 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono.dll
2018-03-17 22:56 - 2018-03-17 22:56 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-13 07:02 - 2011-08-02 20:58 - 002201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-10-13 07:02 - 2011-08-02 20:58 - 002085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-10-13 06:49 - 2013-12-03 23:36 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-02-13 15:09 - 2018-02-13 15:09 - 002476197 _____ () C:\Program Files (x86)\tubCloud\libtubcloudsync.dll
2017-07-06 16:56 - 2017-07-06 16:56 - 001304278 _____ () C:\Program Files (x86)\tubCloud\libstdc++-6.dll
2017-07-06 19:34 - 2017-07-06 19:34 - 000045475 _____ () C:\Program Files (x86)\tubCloud\libqt5keychain.dll
2017-07-06 16:03 - 2017-07-06 16:03 - 000085026 _____ () C:\Program Files (x86)\tubCloud\zlib1.dll
2018-02-13 15:08 - 2018-02-13 15:08 - 001531190 _____ () C:\Program Files (x86)\tubCloud\libocsync.dll
2017-07-06 16:56 - 2017-07-06 16:56 - 000097898 _____ () C:\Program Files (x86)\tubCloud\libgcc_s_sjlj-1.dll
2017-07-06 17:47 - 2017-07-06 17:47 - 000362986 _____ () C:\Program Files (x86)\tubCloud\libharfbuzz-0.dll
2017-07-06 16:09 - 2017-07-06 16:09 - 000207141 _____ () C:\Program Files (x86)\tubCloud\libpng16-16.dll
2017-07-06 16:16 - 2017-07-06 16:16 - 000486390 _____ () C:\Program Files (x86)\tubCloud\libfreetype-6.dll
2017-07-06 16:07 - 2017-07-06 16:07 - 000151691 _____ () C:\Program Files (x86)\tubCloud\libpcre16-0.dll
2017-07-06 16:25 - 2017-07-06 16:25 - 001418957 _____ () C:\Program Files (x86)\tubCloud\icuuc56.dll
2017-07-06 16:25 - 2017-07-06 16:25 - 002449109 _____ () C:\Program Files (x86)\tubCloud\icui18n56.dll
2017-07-06 16:12 - 2017-07-06 16:12 - 000350652 _____ () C:\Program Files (x86)\tubCloud\libjpeg-8.dll
2017-07-06 17:47 - 2017-07-06 17:47 - 000339690 _____ () C:\Program Files (x86)\tubCloud\libwebp-5.dll
2017-07-06 16:48 - 2017-07-06 16:48 - 001174014 _____ () C:\Program Files (x86)\tubCloud\libxml2-2.dll
2017-07-06 17:40 - 2017-07-06 17:40 - 000231124 _____ () C:\Program Files (x86)\tubCloud\libxslt-1.dll
2017-07-06 16:20 - 2017-07-06 16:20 - 000710321 _____ () C:\Program Files (x86)\tubCloud\libsqlite3-0.dll
2017-07-06 16:25 - 2017-07-06 16:25 - 025058941 _____ () C:\Program Files (x86)\tubCloud\icudata56.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maren\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\drew-coffman-98466-unsplash.jpg
DNS Servers: 130.149.7.7 - 130.149.1.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "LENOVO.TPKNRRES"
HKLM\...\StartupApproved\Run: => "Enhanced Performance Keyboard"
HKLM\...\StartupApproved\Run32: => "MMReminderService"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4183359354-3205262827-2780192169-1000\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{57ADEDE4-AFD1-446D-B782-ABFC0A2EC7A2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{566C246B-EF9A-4B8F-AF3B-9768FEDEB204}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{DE092898-2F5E-4B6E-A49E-B91184C81834}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{074CCEBC-BB57-4CEF-B994-C85B5A98FC1B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{DE328730-43B4-4EDC-995D-F9D9C5E7EE56}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{78DC54A1-5C64-46AD-837F-48F15808F47D}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6E99A903-C18D-497F-8A91-DF1AF8290048}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{E6B686C9-5A9B-412C-A708-10D29D2442C5}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{141248F0-8C47-419E-9274-2C251DFA6F69}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B9C2E4E5-6C1F-4504-9784-E296CDAF1D66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0C099BAA-4BEC-40C3-B2F5-BEB26277D4FC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{79CE32FF-0511-4EA5-9CAC-DE3595F836E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B65D17F8-4CD0-4B1C-89E5-0E4F48453842}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{28632315-E061-4DE3-B716-64EDEB079FCB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
07-08-2018 13:43:43 Revo Uninstaller's restore point - Avira
07-08-2018 13:44:13 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
07-08-2018 13:45:26 Revo Uninstaller's restore point - Adobe AIR
07-08-2018 13:46:13 Revo Uninstaller's restore point - Avira Antivirus
07-08-2018 13:47:51 Revo Uninstaller's restore point - Evernote v. 5.0.1
07-08-2018 13:48:02 Removed Evernote v. 5.0.1
07-08-2018 13:48:46 Revo Uninstaller's restore point - HQPro-Video 1.6V09.01
07-08-2018 13:49:30 Revo Uninstaller's restore point - Google Chrome
07-08-2018 13:50:31 Revo Uninstaller's restore point - Java 8 Update 40
07-08-2018 13:50:42 Removed Java 8 Update 40
07-08-2018 13:51:39 Revo Uninstaller's restore point - Movie Wizard
07-08-2018 13:52:20 Revo Uninstaller's restore point - PDF24 Creator 8.4.2
08-08-2018 12:07:19 Revo Uninstaller's restore point - Avira
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/10/2018 10:41:21 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Marens-PC)
Description: httphttp-2147467263
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (08/10/2018 10:07:21 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (08/10/2018 10:37:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 10:25:40 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 09:45:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 09:19:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 08:43:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 08:40:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 08:40:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/10/2018 08:40:52 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2018-08-10 10:57:45.998
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:57:45.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:56:32.133
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:55:57.584
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:55:57.267
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:55:50.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:55:50.581
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-08-10 10:55:50.193
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 7895.79 MB
Verfügbarer physikalischer RAM: 4645.55 MB
Summe virtueller Speicher: 15831.79 MB
Verfügbarer virtueller Speicher: 12377.19 MB
==================== Laufwerke ================================
Drive c: (Windows7_OS) (Fixed) (Total:143.01 GB) (Free:62.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:16.2 GB) (Free:5.04 GB) NTFS
\\?\Volume{c23d87cf-5293-11e4-99af-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:0.92 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 167.7 GB) (Disk ID: 605BF25A)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7 GB) - (Type=84)
==================== Ende von Addition.txt ============================
|
|
10.08.2018, 10:23
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Maren\AppData\Roaming\XAPBH.exe
C:\WINDOWS\Tasks\360Disabled
C:\ProgramData\360Quarant
C:\360SANDBOX
C:\Users\Maren\AppData\Roaming\360DrvMgr
C:\Users\Maren\Downloads\360TS_Setup.exe
C:\Users\Maren\AppData\Local\nslA2EB.tmp
C:\Users\Maren\Downloads\360TS_Setup_Mini.exe
FF Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default\Extensions\abs@avira.com [2015-01-09] [Legacy] [ist nicht signiert]
CHR Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-06-01]
Task: {06C8EBBF-4318-409E-9091-52A3068C0792} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {32453644-476E-4589-A25E-509843473D4E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4F5019ED-9766-4389-BF46-4B493BC253D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5203615E-B77E-49C1-ABA9-BE4E96225096} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6AC5441D-AA42-4481-A54A-CF8D9256D37F} - System32\Tasks\XAPBH => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
Task: {73299B27-5488-4201-827C-D1B0A844F094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {838A9490-A03B-4F24-A1EC-9B7BB786D06F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {86D4781B-9E87-4AC8-BB6F-2E2458A0F0E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {88064B24-61C7-4C59-AC1D-434070278B56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9035CF05-B292-43DC-A4BA-8CFC2265B32A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B40D3645-B937-4926-BD21-B585BE823DF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B44916B3-F421-47EC-9A3F-A21AA836F1C4} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {DD9B4A57-C1C4-4218-AED5-5C51808A5BDF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\XAPBH.job => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.08.2018, 10:50
| #25 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von Maren (10-08-2018 11:36:08) Run:1
Gestartet von C:\Users\Maren\Downloads
Geladene Profile: Maren (Verfügbare Profile: Maren & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Maren\AppData\Roaming\XAPBH.exe
C:\WINDOWS\Tasks\360Disabled
C:\ProgramData\360Quarant
C:\360SANDBOX
C:\Users\Maren\AppData\Roaming\360DrvMgr
C:\Users\Maren\Downloads\360TS_Setup.exe
C:\Users\Maren\AppData\Local\nslA2EB.tmp
C:\Users\Maren\Downloads\360TS_Setup_Mini.exe
FF Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default\Extensions\abs@avira.com [2015-01-09] [Legacy] [ist nicht signiert]
CHR Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-06-01]
Task: {06C8EBBF-4318-409E-9091-52A3068C0792} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {32453644-476E-4589-A25E-509843473D4E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4F5019ED-9766-4389-BF46-4B493BC253D1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5203615E-B77E-49C1-ABA9-BE4E96225096} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6AC5441D-AA42-4481-A54A-CF8D9256D37F} - System32\Tasks\XAPBH => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
Task: {73299B27-5488-4201-827C-D1B0A844F094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {838A9490-A03B-4F24-A1EC-9B7BB786D06F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {86D4781B-9E87-4AC8-BB6F-2E2458A0F0E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {88064B24-61C7-4C59-AC1D-434070278B56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9035CF05-B292-43DC-A4BA-8CFC2265B32A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B40D3645-B937-4926-BD21-B585BE823DF9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B44916B3-F421-47EC-9A3F-A21AA836F1C4} - \PMTask -> Keine Datei <==== ACHTUNG
Task: {DD9B4A57-C1C4-4218-AED5-5C51808A5BDF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\XAPBH.job => C:\Users\Maren\AppData\Roaming\XAPBH.exe <==== ACHTUNG
emptytemp:
*****************
"C:\Users\Maren\AppData\Roaming\XAPBH.exe" => nicht gefunden
C:\WINDOWS\Tasks\360Disabled => erfolgreich verschoben
C:\ProgramData\360Quarant => erfolgreich verschoben
C:\360SANDBOX => erfolgreich verschoben
C:\Users\Maren\AppData\Roaming\360DrvMgr => erfolgreich verschoben
C:\Users\Maren\Downloads\360TS_Setup.exe => erfolgreich verschoben
C:\Users\Maren\AppData\Local\nslA2EB.tmp => erfolgreich verschoben
C:\Users\Maren\Downloads\360TS_Setup_Mini.exe => erfolgreich verschoben
C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default\Extensions\abs@avira.com => erfolgreich verschoben
C:\Users\Maren\AppData\Roaming\Mozilla\Firefox\Profiles\QL3k87nI.default\Extensions\abs@avira.com => Pfad erfolgreich entfernt
CHR Extension: (Avira Browser Safety) - C:\Users\Maren\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-06-01] => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06C8EBBF-4318-409E-9091-52A3068C0792}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06C8EBBF-4318-409E-9091-52A3068C0792}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32453644-476E-4589-A25E-509843473D4E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32453644-476E-4589-A25E-509843473D4E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F5019ED-9766-4389-BF46-4B493BC253D1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F5019ED-9766-4389-BF46-4B493BC253D1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5203615E-B77E-49C1-ABA9-BE4E96225096}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5203615E-B77E-49C1-ABA9-BE4E96225096}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6AC5441D-AA42-4481-A54A-CF8D9256D37F}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC5441D-AA42-4481-A54A-CF8D9256D37F}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\XAPBH => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XAPBH" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73299B27-5488-4201-827C-D1B0A844F094}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73299B27-5488-4201-827C-D1B0A844F094}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{838A9490-A03B-4F24-A1EC-9B7BB786D06F}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838A9490-A03B-4F24-A1EC-9B7BB786D06F}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86D4781B-9E87-4AC8-BB6F-2E2458A0F0E2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86D4781B-9E87-4AC8-BB6F-2E2458A0F0E2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88064B24-61C7-4C59-AC1D-434070278B56}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88064B24-61C7-4C59-AC1D-434070278B56}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9035CF05-B292-43DC-A4BA-8CFC2265B32A}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9035CF05-B292-43DC-A4BA-8CFC2265B32A}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B40D3645-B937-4926-BD21-B585BE823DF9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40D3645-B937-4926-BD21-B585BE823DF9}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B44916B3-F421-47EC-9A3F-A21AA836F1C4}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B44916B3-F421-47EC-9A3F-A21AA836F1C4}" => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PMTask => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD9B4A57-C1C4-4218-AED5-5C51808A5BDF}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9B4A57-C1C4-4218-AED5-5C51808A5BDF}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => erfolgreich entfernt
C:\WINDOWS\Tasks\XAPBH.job => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52397404 B
Java, Flash, Steam htmlcache => 714 B
Windows/system/drivers => 35567013 B
Edge => 9084239 B
Chrome => 636401683 B
Firefox => 0 B
Opera => 29042188 B
Temp, IE cache, history, cookies, recent:
Default => 12846 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 246204 B
LocalService => 0 B
NetworkService => 12846 B
NetworkService => 0 B
Maren => 73658078 B
DefaultAppPool => 12846 B
RecycleBin => 33123285 B
EmptyTemp: => 836.8 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:36:49 ====
|
|
10.08.2018, 10:56
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.08.2018, 13:26
| #27 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 10.08.18
Scan-Zeit: 12:57
Protokolldatei: 1ed8ef7e-9c8c-11e8-b30d-28d244e3644c.json
Administrator: Ja
-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.391
Version des Aktualisierungspakets: 1.0.6285
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.165)
CPU: x64
Dateisystem: NTFS
Benutzer: Marens-PC\Maren
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 343497
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 29 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter 13:00:55 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu (1).exe=2.0.22.0
# EOSSerial=
# end=init
# utc_time=2018-08-10 11:00:55
# local_time=2018-08-10 13:00:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=10.0.17134 NT
13:01:34 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu (1).exe=2.0.22.0
# EOSSerial=1e59d30ec601734f927e35a6515f172a
# end=init
# utc_time=2018-08-10 11:01:34
# local_time=2018-08-10 13:01:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=10.0.17134 NT
13:01:42 Updating
13:01:42 Update Init
13:01:44 Update Download
13:02:45 esets_scanner_reload returned 0
13:02:45 g_uiModuleBuild: 38336
13:02:45 Update Finalize
13:02:45 Call m_esets_charon_send
13:02:45 Call m_esets_charon_destroy
13:02:46 Updated modules version: 38336
13:02:56 Call m_esets_charon_setup_create
13:02:56 Call m_esets_charon_create
13:02:56 m_esets_charon_create OK
13:02:56 Call m_esets_charon_start_send_thread
13:02:56 Call m_esets_charon_setup_set
13:02:56 m_esets_charon_setup_set OK
13:02:56 Scanner engine: 38336
14:24:17 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu (1).exe=2.0.22.0
# EOSSerial=1e59d30ec601734f927e35a6515f172a
# engine=38336
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-08-10 12:24:17
# local_time=2018-08-10 14:24:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=10.0.17134 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10354177 10414219 0 0
# scanned=233628
# found=3
# cleaned=0
# scan_time=3611
sh=117B708AA171989B1C23FF89FD01EE49CA792876 ft=1 fh=0000000000000000 vn="Win32/VOPackage.BS eventuell unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Maren\AppData\Local\nslA2EB.tmp.xBAD"
sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Maren\AppData\Roaming\XAPBH"
sh=945DA8205D6036E69DF80BF0C682E53C084BB446 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Maren\Downloads\OpenVPN - CHIP-Installer.exe"
14:24:18 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Maren\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
14:24:18 Call m_esets_charon_send
14:24:18 Call m_esets_charon_destroy
Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Malwarebytes Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MSASCuiL.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
10.08.2018, 13:40
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Maren\AppData\Roaming\XAPBH
C:\Users\Maren\Downloads\*CHIP-Installer.exe
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.08.2018, 14:30
| #29 |
| | Komisches Verhalten und Funde nach Schriftart-Installation - Virus?Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von Maren (10-08-2018 15:27:47) Run:2
Gestartet von C:\Users\Maren\Downloads
Geladene Profile: Maren (Verfügbare Profile: Maren & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Maren\AppData\Roaming\XAPBH
C:\Users\Maren\Downloads\*CHIP-Installer.exe
emptytemp:
*****************
C:\Users\Maren\AppData\Roaming\XAPBH => erfolgreich verschoben
=========== "C:\Users\Maren\Downloads\*CHIP-Installer.exe" ==========
C:\Users\Maren\Downloads\OpenVPN - CHIP-Installer.exe => erfolgreich verschoben
========= Ende -> "C:\Users\Maren\Downloads\*CHIP-Installer.exe" ========
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10633613 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 34976 B
Edge => 27809141 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 910 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Maren => 3429693 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 47.5 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 15:27:57 ====
|
|
10.08.2018, 20:45
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Komisches Verhalten und Funde nach Schriftart-Installation - Virus? So du kleine Schnute  dann sind wir (fast) fertig. Ein letzter Hinweis zu CHIP noch: Lesestoff:chip.de / CHIP-Installer Keine Downloads mehr von CHIP.de! Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Komisches Verhalten und Funde nach Schriftart-Installation - Virus? |
| avdevprot, bildschirm, c:\windows, code, cursor, explorer, files, gen, gratis, installiert, internet, internet explorer, malwarebytes, microsoft, nichts, office, office 365, programme, quarantäne, recovery, schriftart, system32, verhalten, virus, virus?, web, windowsapps, öffnen |
Linear-Darstellung
