cmd.exe öffnet sich und lädt treiber ohne mein zutun

fatalerror · 20.03.2015, 23:54

Hi,

ich bin leider gerade ziemlich verunsichert bezüglich meines Laptops.

Aus dem Nichts(?) öffnete sich ein Fenster mit der cmd.exe (siehe Screenshot). Dummerweise habe ich nicht schnell genug den Stecker gezogen bzw. nicht schnell genug verstanden, dass das etwas Schädliches sein könnte. Leider bin ich in dem Bereich ziemlich ahnungslos.

hxxp://www.bilder-upload.eu/show.php?file=f2b326-1426677560.jpg

Scans mit Avira Antivir und Malwarebytes ergaben nichts (Logs unten angehängt)

Ich habe dann mal in die Ereignisanzeige geschaut und es kommen in der Zeit eigentlich nur ein paar Prozesse vor, die damit zusammenhängen könnten 18.3.15 11:51:10 - 11:53:51.

hxxp://www.bilder-upload.eu/show.php?file=1cd476-1426891967.jpg

Ich würde mich sehr freuen, wenn ihr mir sagen könntet, ob das etwas Gefährliches ist und was genau durch die cmd.exe verändert wurde. Wie würdet ihr weiter vorgehen?

Vielen vielen Dank!!!

Bin nicht sicher, ob relevant, aber hier noch die Logs von Malwarebytes und Antivir:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20.03.2015
Scan Time: 23:09:08
Logfile: log malwarebytes.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.20.07
Rootkit Database: v2015.02.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: will

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 400597
Time Elapsed: 7 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 18. März 2015 14:27

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : WILL-THINK

Versionsinformationen:
BUILD.DAT : 15.0.8.650 91859 Bytes 25.02.2015 17:54:00
AVSCAN.EXE : 15.0.8.650 1014064 Bytes 05.03.2015 09:31:50
AVSCANRC.DLL : 15.0.8.650 63792 Bytes 05.03.2015 09:31:50
LUKE.DLL : 15.0.8.650 60664 Bytes 05.03.2015 09:32:14
AVSCPLR.DLL : 15.0.8.650 94456 Bytes 05.03.2015 09:31:50
REPAIR.DLL : 15.0.8.650 366328 Bytes 05.03.2015 09:31:49
REPAIR.RDF : 1.0.6.46 805594 Bytes 17.03.2015 14:35:39
AVREG.DLL : 15.0.8.650 264496 Bytes 05.03.2015 09:31:48
AVLODE.DLL : 15.0.8.650 645368 Bytes 05.03.2015 09:31:47
AVLODE.RDF : 14.0.4.54 78895 Bytes 05.12.2014 16:23:58
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:44
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:36:45
XBV00164.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00165.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00166.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00167.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00168.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00169.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00170.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00171.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00172.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00173.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00174.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00175.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00176.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00177.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00178.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00179.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00180.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00181.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00182.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00183.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00184.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:22
XBV00185.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00186.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00187.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00188.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00189.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00190.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00191.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00192.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00193.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00194.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00195.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00196.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00197.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00198.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00199.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00200.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00201.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00202.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00203.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00204.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00205.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00206.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00207.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00208.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00209.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00210.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00211.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00212.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00213.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00214.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00215.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00216.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00217.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00218.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00219.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00220.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00221.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00222.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00223.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00224.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00225.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00226.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00227.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00228.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00229.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00230.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00231.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00232.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00233.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00234.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00235.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00236.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:23
XBV00237.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00238.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00239.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00240.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00241.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00242.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00243.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00244.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00245.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00246.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00247.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00248.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00249.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00250.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00251.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00252.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00253.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00254.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00255.VDF : 8.11.213.176 2048 Bytes 05.03.2015 13:05:24
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 18:42:14
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 15:09:41
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 15:28:20
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 10:51:57
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 10:00:25
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 11:07:54
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 08:40:33
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 09:06:23
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 12:36:44
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 20:07:35
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 12:28:52
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 08:43:15
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 11:03:37
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 13:07:32
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 12:58:38
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 08:59:01
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 13:05:20
XBV00042.VDF : 8.11.213.202 3584 Bytes 05.03.2015 13:05:20
XBV00043.VDF : 8.11.213.204 2048 Bytes 05.03.2015 13:05:20
XBV00044.VDF : 8.11.213.230 40960 Bytes 05.03.2015 13:05:20
XBV00045.VDF : 8.11.214.2 29184 Bytes 05.03.2015 13:05:20
XBV00046.VDF : 8.11.214.28 25088 Bytes 05.03.2015 13:05:20
XBV00047.VDF : 8.11.214.30 14848 Bytes 05.03.2015 13:05:20
XBV00048.VDF : 8.11.214.32 3072 Bytes 05.03.2015 13:05:20
XBV00049.VDF : 8.11.214.34 2048 Bytes 06.03.2015 13:05:20
XBV00050.VDF : 8.11.214.38 39424 Bytes 06.03.2015 13:05:20
XBV00051.VDF : 8.11.214.40 6656 Bytes 06.03.2015 13:05:20
XBV00052.VDF : 8.11.214.42 4608 Bytes 06.03.2015 13:05:20
XBV00053.VDF : 8.11.214.44 5120 Bytes 06.03.2015 13:05:20
XBV00054.VDF : 8.11.214.46 23552 Bytes 06.03.2015 13:05:20
XBV00055.VDF : 8.11.214.48 3072 Bytes 06.03.2015 13:05:20
XBV00056.VDF : 8.11.214.50 25600 Bytes 06.03.2015 13:05:20
XBV00057.VDF : 8.11.214.72 2048 Bytes 06.03.2015 13:05:20
XBV00058.VDF : 8.11.214.92 48128 Bytes 06.03.2015 13:05:20
XBV00059.VDF : 8.11.214.112 12800 Bytes 06.03.2015 13:05:20
XBV00060.VDF : 8.11.214.114 2560 Bytes 06.03.2015 13:05:20
XBV00061.VDF : 8.11.214.136 32256 Bytes 06.03.2015 13:05:20
XBV00062.VDF : 8.11.214.138 2048 Bytes 06.03.2015 13:05:20
XBV00063.VDF : 8.11.214.140 2048 Bytes 07.03.2015 13:05:20
XBV00064.VDF : 8.11.214.144 34304 Bytes 07.03.2015 13:05:20
XBV00065.VDF : 8.11.214.146 2048 Bytes 07.03.2015 13:05:20
XBV00066.VDF : 8.11.214.168 33792 Bytes 07.03.2015 13:05:20
XBV00067.VDF : 8.11.214.188 71168 Bytes 08.03.2015 13:05:20
XBV00068.VDF : 8.11.214.190 2048 Bytes 08.03.2015 13:05:20
XBV00069.VDF : 8.11.214.192 2048 Bytes 08.03.2015 13:05:20
XBV00070.VDF : 8.11.214.212 2048 Bytes 08.03.2015 13:05:20
XBV00071.VDF : 8.11.214.232 28672 Bytes 08.03.2015 21:56:36
XBV00072.VDF : 8.11.214.252 69120 Bytes 09.03.2015 09:01:22
XBV00073.VDF : 8.11.215.14 3584 Bytes 09.03.2015 09:01:22
XBV00074.VDF : 8.11.215.32 7168 Bytes 09.03.2015 15:01:21
XBV00075.VDF : 8.11.215.50 12800 Bytes 09.03.2015 15:01:21
XBV00076.VDF : 8.11.215.52 5120 Bytes 09.03.2015 15:01:21
XBV00077.VDF : 8.11.215.70 17920 Bytes 09.03.2015 12:27:52
XBV00078.VDF : 8.11.215.90 2048 Bytes 09.03.2015 12:27:52
XBV00079.VDF : 8.11.215.110 2048 Bytes 09.03.2015 12:27:52
XBV00080.VDF : 8.11.215.132 29696 Bytes 09.03.2015 12:27:52
XBV00081.VDF : 8.11.215.134 11264 Bytes 09.03.2015 12:27:53
XBV00082.VDF : 8.11.215.136 11264 Bytes 09.03.2015 12:27:53
XBV00083.VDF : 8.11.215.138 12288 Bytes 10.03.2015 12:27:53
XBV00084.VDF : 8.11.215.140 35840 Bytes 10.03.2015 12:27:53
XBV00085.VDF : 8.11.215.158 6144 Bytes 10.03.2015 12:27:53
XBV00086.VDF : 8.11.215.174 5632 Bytes 10.03.2015 12:27:53
XBV00087.VDF : 8.11.215.190 8704 Bytes 10.03.2015 12:27:53
XBV00088.VDF : 8.11.215.206 19968 Bytes 10.03.2015 12:27:53
XBV00089.VDF : 8.11.215.222 12800 Bytes 10.03.2015 12:27:53
XBV00090.VDF : 8.11.215.226 2048 Bytes 10.03.2015 12:27:54
XBV00091.VDF : 8.11.215.230 14336 Bytes 10.03.2015 12:27:54
XBV00092.VDF : 8.11.215.234 26112 Bytes 10.03.2015 12:27:54
XBV00093.VDF : 8.11.215.236 11776 Bytes 10.03.2015 12:27:54
XBV00094.VDF : 8.11.215.240 22016 Bytes 11.03.2015 12:27:54
XBV00095.VDF : 8.11.215.242 2048 Bytes 11.03.2015 12:27:54
XBV00096.VDF : 8.11.215.244 2048 Bytes 11.03.2015 12:27:55
XBV00097.VDF : 8.11.216.4 7680 Bytes 11.03.2015 12:27:55
XBV00098.VDF : 8.11.216.20 12800 Bytes 11.03.2015 12:27:55
XBV00099.VDF : 8.11.216.36 19968 Bytes 11.03.2015 12:27:55
XBV00100.VDF : 8.11.216.52 2560 Bytes 11.03.2015 12:27:55
XBV00101.VDF : 8.11.216.54 22016 Bytes 11.03.2015 12:27:55
XBV00102.VDF : 8.11.216.56 8192 Bytes 11.03.2015 12:27:55
XBV00103.VDF : 8.11.216.58 4608 Bytes 11.03.2015 12:27:55
XBV00104.VDF : 8.11.216.60 16896 Bytes 11.03.2015 12:27:55
XBV00105.VDF : 8.11.216.76 14336 Bytes 11.03.2015 12:27:55
XBV00106.VDF : 8.11.216.90 30208 Bytes 11.03.2015 12:27:55
XBV00107.VDF : 8.11.216.104 5632 Bytes 12.03.2015 12:27:55
XBV00108.VDF : 8.11.216.118 6656 Bytes 12.03.2015 12:27:55
XBV00109.VDF : 8.11.216.120 24576 Bytes 12.03.2015 12:27:56
XBV00110.VDF : 8.11.216.122 16896 Bytes 12.03.2015 09:34:12
XBV00111.VDF : 8.11.216.124 2048 Bytes 12.03.2015 09:34:12
XBV00112.VDF : 8.11.216.138 16896 Bytes 12.03.2015 09:34:13
XBV00113.VDF : 8.11.216.140 2048 Bytes 12.03.2015 09:34:13
XBV00114.VDF : 8.11.216.154 3584 Bytes 12.03.2015 09:34:13
XBV00115.VDF : 8.11.216.168 2048 Bytes 12.03.2015 09:34:13
XBV00116.VDF : 8.11.216.182 70144 Bytes 12.03.2015 09:34:13
XBV00117.VDF : 8.11.216.196 2048 Bytes 13.03.2015 09:34:13
XBV00118.VDF : 8.11.216.200 46080 Bytes 13.03.2015 09:34:13
XBV00119.VDF : 8.11.216.214 11776 Bytes 13.03.2015 09:34:13
XBV00120.VDF : 8.11.216.228 4096 Bytes 13.03.2015 09:34:13
XBV00121.VDF : 8.11.216.242 2560 Bytes 13.03.2015 09:34:14
XBV00122.VDF : 8.11.216.254 2560 Bytes 13.03.2015 09:34:14
XBV00123.VDF : 8.11.217.10 7680 Bytes 13.03.2015 09:34:14
XBV00124.VDF : 8.11.217.14 2048 Bytes 13.03.2015 09:34:14
XBV00125.VDF : 8.11.217.16 24576 Bytes 13.03.2015 09:34:14
XBV00126.VDF : 8.11.217.22 17408 Bytes 13.03.2015 09:34:14
XBV00127.VDF : 8.11.217.24 2048 Bytes 13.03.2015 09:34:14
XBV00128.VDF : 8.11.217.26 2048 Bytes 13.03.2015 09:34:14
XBV00129.VDF : 8.11.217.28 15872 Bytes 13.03.2015 09:34:14
XBV00130.VDF : 8.11.217.42 84480 Bytes 14.03.2015 15:34:01
XBV00131.VDF : 8.11.217.54 2048 Bytes 14.03.2015 15:34:01
XBV00132.VDF : 8.11.217.66 2048 Bytes 14.03.2015 15:34:02
XBV00133.VDF : 8.11.217.78 19456 Bytes 14.03.2015 15:34:02
XBV00134.VDF : 8.11.217.90 71680 Bytes 15.03.2015 14:15:52
XBV00135.VDF : 8.11.217.102 2048 Bytes 15.03.2015 14:15:52
XBV00136.VDF : 8.11.217.124 6656 Bytes 15.03.2015 14:15:53
XBV00137.VDF : 8.11.217.136 76800 Bytes 16.03.2015 08:27:00
XBV00138.VDF : 8.11.217.146 3584 Bytes 16.03.2015 14:27:00
XBV00139.VDF : 8.11.217.156 3584 Bytes 16.03.2015 14:27:00
XBV00140.VDF : 8.11.217.166 4096 Bytes 16.03.2015 14:27:00
XBV00141.VDF : 8.11.217.176 12288 Bytes 16.03.2015 14:27:00
XBV00142.VDF : 8.11.217.186 13312 Bytes 16.03.2015 20:27:01
XBV00143.VDF : 8.11.217.188 24064 Bytes 16.03.2015 20:27:01
XBV00144.VDF : 8.11.217.194 7680 Bytes 16.03.2015 20:27:01
XBV00145.VDF : 8.11.217.198 31232 Bytes 16.03.2015 08:35:37
XBV00146.VDF : 8.11.217.208 13824 Bytes 16.03.2015 08:35:37
XBV00147.VDF : 8.11.217.216 7680 Bytes 16.03.2015 08:35:37
XBV00148.VDF : 8.11.217.224 2048 Bytes 17.03.2015 08:35:37
XBV00149.VDF : 8.11.217.232 23552 Bytes 17.03.2015 08:35:37
XBV00150.VDF : 8.11.217.240 7168 Bytes 17.03.2015 08:35:37
XBV00151.VDF : 8.11.217.242 9216 Bytes 17.03.2015 14:35:37
XBV00152.VDF : 8.11.217.244 13824 Bytes 17.03.2015 14:35:37
XBV00153.VDF : 8.11.217.252 4608 Bytes 17.03.2015 14:35:37
XBV00154.VDF : 8.11.218.4 10240 Bytes 17.03.2015 14:35:37
XBV00155.VDF : 8.11.218.6 12800 Bytes 17.03.2015 14:35:37
XBV00156.VDF : 8.11.218.16 14848 Bytes 17.03.2015 20:35:37
XBV00157.VDF : 8.11.218.20 2048 Bytes 17.03.2015 20:35:37
XBV00158.VDF : 8.11.218.28 4096 Bytes 17.03.2015 08:20:52
XBV00159.VDF : 8.11.218.30 25600 Bytes 17.03.2015 08:20:53
XBV00160.VDF : 8.11.218.32 2048 Bytes 17.03.2015 08:20:53
XBV00161.VDF : 8.11.218.34 18432 Bytes 17.03.2015 08:20:53
XBV00162.VDF : 8.11.218.38 26112 Bytes 18.03.2015 08:20:53
XBV00163.VDF : 8.11.218.46 4096 Bytes 18.03.2015 08:20:53
LOCAL000.VDF : 8.11.218.46 124750336 Bytes 18.03.2015 08:21:04
Engineversion : 8.3.30.2
AEVDF.DLL : 8.3.1.6 133992 Bytes 22.08.2014 09:20:45
AESCRIPT.DLL : 8.2.2.58 560248 Bytes 17.03.2015 14:35:36
AESCN.DLL : 8.3.2.2 139456 Bytes 10.08.2014 12:36:36
AESBX.DLL : 8.2.20.34 1615784 Bytes 04.03.2015 14:59:01
AERDL.DLL : 8.2.1.20 731040 Bytes 11.02.2015 15:57:12
AEPACK.DLL : 8.4.0.62 793456 Bytes 20.02.2015 20:05:25
AEOFFICE.DLL : 8.3.1.14 354216 Bytes 12.03.2015 12:27:51
AEMOBILE.DLL : 8.1.7.0 281456 Bytes 12.03.2015 12:27:52
AEHEUR.DLL : 8.1.4.1578 8137584 Bytes 08.03.2015 13:05:20
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:45:12
AEGEN.DLL : 8.1.7.40 456608 Bytes 01.01.2015 15:27:49
AEEXP.DLL : 8.4.2.70 255904 Bytes 09.02.2015 07:38:04
AEEMU.DLL : 8.1.3.4 399264 Bytes 10.08.2014 12:36:31
AEDROID.DLL : 8.4.3.116 1050536 Bytes 12.03.2015 12:27:52
AECORE.DLL : 8.3.4.0 243624 Bytes 01.01.2015 15:27:48
AEBB.DLL : 8.1.2.0 60448 Bytes 10.08.2014 12:36:31
AVWINLL.DLL : 15.0.8.650 25904 Bytes 05.03.2015 09:31:42
AVPREF.DLL : 15.0.8.650 52016 Bytes 05.03.2015 09:31:48
AVREP.DLL : 15.0.8.650 221432 Bytes 05.03.2015 09:31:48
AVARKT.DLL : 15.0.8.650 227120 Bytes 05.03.2015 09:31:43
AVEVTLOG.DLL : 15.0.8.650 183600 Bytes 05.03.2015 09:31:45
SQLITE3.DLL : 15.0.8.650 455472 Bytes 05.03.2015 09:32:19
AVSMTP.DLL : 15.0.8.650 79096 Bytes 05.03.2015 09:31:50
NETNT.DLL : 15.0.8.650 15152 Bytes 05.03.2015 09:32:14
RCIMAGE.DLL : 15.0.8.650 4864816 Bytes 05.03.2015 09:31:42
RCTEXT.DLL : 15.0.8.650 75056 Bytes 05.03.2015 09:31:42

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +APPL,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Mittwoch, 18. März 2015 14:27

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, Q

'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
c:\windows\lastgood\system32\nvapi64.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvd3dumx.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvfbc64.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvifr64.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvinfo.pb
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvinitx.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvoglshim64.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvoglv64.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvumdshimx.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\nvwgf2umx.dll
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\drivers\nvlddmkm.sys
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\drivers\nvpciflt.sys
[HINWEIS] Die Datei ist nicht sichtbar.
c:\windows\lastgood\system32\drivers
[HINWEIS] Das Verzeichnis ist nicht sichtbar.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'ibmpmsvc.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '162' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'upeksvr.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcPrfMgrSvc.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'btwdins.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'CAMMUTE.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPKNRSVC.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'vcamsvc.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'lvvsst.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'NitroPDFDriverService2x64.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'pg_ctl.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPHKSVC.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'ULCDRSvr.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'WebUpdateSvc4.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'mini_WMCore.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'ZeroConfigService.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcSvc.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'MICMUTE.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPHKLOAD.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '206' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcDeskBandHlpr.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'SvcGuiHlpr.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'TpShocks.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'TpKnrres.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'Greenshot.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'RCIMGDIR.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'iusb3mon.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'MobileAccess.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'pcee4.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'virtscrl.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'tpnumlkd.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPONSCR.EXE' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPLpr.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDll32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtStackServer.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'SCHTASK.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'casino.exe' - '146' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll64.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerStars.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'gameutil1.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerStarsBr.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerStarsBr.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerStarsBr.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'FMAPP.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSCNotify.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'MacheenService.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'VIPAppService.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'PrivacyIconClient.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskmgr.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerTracker4.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'PokerTrackerHud4.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'postgres.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2096' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Windows7_OS>
Beginne mit der Suche in 'Q:\' <Lenovo_Recovery>

Ende des Suchlaufs: Mittwoch, 18. März 2015 15:09
Benötigte Zeit: 42:16 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

77463 Verzeichnisse wurden überprüft
1359740 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1359740 Dateien ohne Befall
10485 Archive wurden durchsucht
0 Warnungen
13 Hinweise
1276799 Objekte wurden beim Rootkitscan durchsucht
13 Versteckte Objekte wurden gefunden

schrauber · 21.03.2015, 01:57

Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

fatalerror · 21.03.2015, 11:15

Vielen Dank für die schnelle Antwort!

Die beiden Files waren im Downloadordner, nicht auf dem Desktop (aber vermutlich unwichtig)
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by will (administrator) on WILL-THINK on 21-03-2015 11:06:22
Running from C:\Users\will\Downloads
Loaded Profiles: will & postgres (Available profiles: will & postgres)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Lenovo) C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Tilt Breaker\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
() C:\Program Files (x86)\Tilt Breaker\rundll64.exe
() C:\Program Files (x86)\Tilt Breaker\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [64608 2012-05-30] (Lenovo)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [MobileAccess] => C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-04-17] (Lenovo)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-30] (Google Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\MountPoints2: {e12005c8-3ab5-11e2-aac9-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-30] (Google Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [Lenovo.ShowBand] => C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe /show
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [] => [X]
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\MountPoints2: {e12005c8-3ab5-11e2-aac9-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-05] (NVIDIA Corporation)
IFEO\ACF.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\bwincom.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\casino.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\EmpirePokerMaster.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltPoker.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltPokerEU.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltUK.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\Gamebookers.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\MainClient.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\mppoker.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PartyGaming.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PMU.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PokerStars.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\WPT.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deGI519
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deGI519
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-1349373112-78878798-3739382671-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5A717EF3-4720-4536-AF7F-0B199AB123D5}: [NameServer] 195.230.105.134 195.230.105.135

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-11-30]

Chrome: 
=======
CHR Profile: C:\Users\will\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-13]
CHR Extension: (Google Drive) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-13]
CHR Extension: (YouTube) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-13]
CHR Extension: (Google Search) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-13]
CHR Extension: (Avira Browser Safety) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-13]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-07] (NVIDIA Corporation)
R2 postgresql-x64-9.0; C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe [110592 2014-04-09] (PostgreSQL Global Development Group) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49648 2015-01-15] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-21 11:06 - 2015-03-21 11:06 - 00027722 _____ () C:\Users\will\Downloads\FRST.txt
2015-03-21 11:05 - 2015-03-21 11:06 - 00000000 ____D () C:\FRST
2015-03-21 11:05 - 2015-03-21 11:05 - 02095616 _____ (Farbar) C:\Users\will\Downloads\FRST64.exe
2015-03-20 23:38 - 2015-03-20 23:39 - 00000000 ____D () C:\Users\will\Desktop\mined hands zoom märz 15
2015-03-18 14:34 - 2015-03-21 11:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-18 14:33 - 2015-03-18 14:33 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-18 14:33 - 2015-03-18 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-18 14:33 - 2015-03-18 14:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-18 14:33 - 2015-03-18 14:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-18 14:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-18 14:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-18 14:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-18 14:31 - 2015-03-18 14:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\will\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-18 11:59 - 2015-03-18 11:59 - 00423785 _____ () C:\Users\will\Desktop\wtf.dib
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Windows\system32\NV
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Users\will\AppData\Local\NVIDIA
2015-03-18 11:53 - 2015-02-05 10:16 - 31893704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 24557768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 20989664 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 19972512 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 18518392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 16890288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 14034224 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 13945976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 13045960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-18 11:53 - 2015-02-05 10:16 - 11398960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 11336944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 04292424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 04012744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 02876688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434520.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 01556680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434520.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00963784 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00934600 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00923848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00900240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-16 13:17 - 2015-03-16 13:18 - 00000000 ____D () C:\Users\will\Desktop\Neuer Ordner (3)
2015-03-14 22:27 - 2015-03-15 00:48 - 00000000 ____D () C:\Users\will\Desktop\Neuer Ordner
2015-03-12 13:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-12 13:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-12 13:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 13:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-12 13:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-12 13:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-12 13:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 13:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-12 13:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-12 13:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-12 13:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-12 13:30 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-12 13:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-12 13:30 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-12 13:30 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-12 13:30 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-12 13:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-12 13:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-12 13:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-12 13:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-12 13:30 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-12 13:30 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-12 13:30 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-12 13:30 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-12 13:30 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-12 13:30 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-12 13:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-12 13:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-12 13:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-12 13:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-12 13:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 13:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 13:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 13:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 13:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 13:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 13:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 13:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-12 13:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-12 13:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-12 13:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 13:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-12 13:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 13:29 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 13:29 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-12 13:29 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-12 13:29 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-12 13:29 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-12 13:29 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-12 13:29 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-12 13:29 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-12 13:29 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-12 13:29 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-12 13:29 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-12 13:29 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 13:29 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-12 13:29 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-12 13:29 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-12 13:29 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-12 13:29 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-12 13:29 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-12 13:29 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-12 13:29 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-12 13:29 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-12 13:29 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-12 13:29 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-12 13:29 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-12 13:29 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 13:29 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-12 13:29 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-12 13:29 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 13:29 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-12 13:29 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-12 13:29 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-12 13:29 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-12 13:29 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-12 13:29 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-12 13:29 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-12 13:29 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-12 13:29 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-12 13:29 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-12 13:29 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-12 13:29 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-12 13:29 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-12 13:29 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-12 13:29 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-12 13:29 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-12 13:29 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-12 13:29 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-12 13:29 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-12 13:29 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-12 13:29 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-12 13:29 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-12 13:29 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-12 13:29 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-12 13:29 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-12 13:29 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-12 13:29 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 13:29 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-12 13:29 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 13:29 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-12 13:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 13:29 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 13:29 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:54 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-26 00:45 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 00:45 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-19 14:10 - 2015-02-19 14:11 - 00000000 ____D () C:\Users\will\Desktop\echsen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-21 11:04 - 2013-01-04 22:55 - 00000000 ____D () C:\Users\will\AppData\Roaming\Nitro PDF
2015-03-21 11:04 - 2012-11-30 07:33 - 02077698 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 11:02 - 2012-11-30 07:34 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-21 11:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-21 11:01 - 2009-07-14 05:51 - 00165756 _____ () C:\Windows\setupact.log
2015-03-21 10:57 - 2012-11-30 16:14 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-21 10:57 - 2012-11-30 16:14 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-21 10:57 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-21 10:55 - 2014-05-23 15:21 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2015-03-21 10:34 - 2012-11-30 07:34 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 10:24 - 2014-11-03 19:00 - 00000000 ____D () C:\Users\will\AppData\Local\PokerStars.UK
2015-03-21 09:50 - 2009-07-14 05:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-21 09:50 - 2009-07-14 05:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-20 00:54 - 2013-01-04 17:27 - 00000000 ____D () C:\Users\will\AppData\Local\MobileAccess
2015-03-19 09:43 - 2013-01-15 16:46 - 00000000 ____D () C:\Users\postgres
2015-03-19 09:43 - 2010-11-21 04:47 - 00551862 _____ () C:\Windows\PFRO.log
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-18 11:53 - 2012-11-30 07:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-15 10:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-15 09:39 - 2013-01-04 17:27 - 00000000 ____D () C:\Users\will
2015-03-15 09:39 - 2009-07-14 05:45 - 00320584 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-15 09:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-15 09:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-15 09:21 - 2013-08-14 19:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-15 09:15 - 2013-01-21 14:05 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 13:31 - 2013-04-15 17:00 - 00000000 ____D () C:\Program Files (x86)\Tilt Breaker
2015-03-12 13:29 - 2013-04-15 17:00 - 00002268 _____ () C:\Windows\System32\Tasks\TiltBreaker
2015-03-09 10:51 - 2014-11-04 11:01 - 00000000 ____D () C:\Program Files (x86)\Full Tilt UK
2015-03-09 00:35 - 2013-04-15 17:00 - 00000000 ____D () C:\Users\will\AppData\Local\TiltBreaker
2015-03-05 10:31 - 2013-05-06 11:32 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-05 10:31 - 2013-03-20 11:37 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-05 10:31 - 2013-03-20 11:37 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-04 09:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-03 12:10 - 2014-11-04 11:01 - 00000000 ____D () C:\Users\will\AppData\Local\FullTilt UK
2015-02-28 08:36 - 2013-08-08 09:03 - 00000000 ____D () C:\Users\will\AppData\Local\Greenshot
2015-02-25 08:41 - 2013-04-15 17:00 - 00001972 _____ () C:\Users\Public\Desktop\Configure Tilt Breaker.lnk
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-20 09:02 - 2013-01-15 16:22 - 00000000 ____D () C:\Program Files (x86)\PokerStars

==================== Files in the root of some directories =======

2013-01-15 16:46 - 2013-01-15 16:46 - 0069226 _____ () C:\Program Files (x86)\hminstalllog.txt
2015-01-26 21:28 - 2015-01-26 21:28 - 0007607 _____ () C:\Users\will\AppData\Local\Resmon.ResmonCfg
2014-10-25 19:21 - 2014-10-25 19:21 - 54051224 _____ () C:\Users\will\AppData\Local\TempFullTiltPokerEuSetup.exe
2014-11-04 10:39 - 2014-11-04 10:39 - 51027168 _____ () C:\Users\will\AppData\Local\TempFullTiltUkSetup.exe
2014-05-20 16:57 - 2014-05-16 21:32 - 0031922 _____ () C:\Users\will\AppData\Local\Temppt4TempNonAsciiFile
2014-05-18 11:21 - 2014-05-18 11:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-01-14 21:38 - 2013-01-14 21:38 - 0004931 _____ () C:\ProgramData\flwjycbm.bab
2014-04-25 11:26 - 2014-05-18 10:44 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-01-04 17:29 - 2014-01-16 10:10 - 0000313 _____ () C:\ProgramData\LastUpdate.xml
2014-10-26 13:29 - 2014-10-26 13:29 - 0004951 _____ () C:\ProgramData\lrbivjdu.eai

Some content of TEMP:
====================
C:\Users\will\AppData\Local\Temp\avgnt.exe
C:\Users\will\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\will\AppData\Local\Temp\TiltBreakerSetup_1.787.1.0_0.exe
C:\Users\will\AppData\Local\Temp\TiltBreakerSetup_1.790.1.0_0.exe
C:\Users\will\AppData\Local\Temp\TiltBreakerSetup_1.792.1.0_0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 10:40

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by will at 2015-03-21 11:06:43
Running from C:\Users\will\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

24hPoker (HKLM-x32\...\24hPoker (Poker)) (Version: 16.6.2.11243 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.72.00 - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Betfair.com Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Betfair.com Poker) (Version:  - )
Betfair.com Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Betfair.com Poker) (Version:  - )
Boylepoker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\boylepoker) (Version:  - )
Boylepoker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\boylepoker) (Version:  - )
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
bwin Poker (HKLM-x32\...\bwincomPoker) (Version:  - bwincom)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{517FAF1E-3045-49DE-8079-107C2851389E}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - )
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
Full Tilt UK (HKLM-x32\...\{31967082-7E6A-42A3-9740-6F9065509BD6}) (Version: 5.22.51.WIN.FullTilt.UK - )
Gala Casino Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Gala Casino Poker) (Version:  - )
Gala Casino Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Gala Casino Poker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.1.5.2643 (HKLM\...\Greenshot_is1) (Version: 1.1.5.2643 - Greenshot)
Holdem Manager (HKLM-x32\...\HoldemManager) (Version:  - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Mobile Access (HKLM-x32\...\{4DD171A1-70FB-48EE-8844-98A7AA4C8DCC}) (Version: 3.2.30417.1301 - Lenovo)
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0027 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
PokerJuice (HKLM-x32\...\PokerJuice) (Version: 1.1.24 - Pokerjuice ApS)
PokerJuice (x32 Version: 1.1.24 - Pokerjuice ApS) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 9.0  (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
ProPokerTools Odds Oracle 2.2.7 (HKLM\...\5992-1726-3179-3433) (Version: 2.2.7 - ProPokerTools)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo)
Tilt Breaker (HKLM-x32\...\Tilt Breaker) (Version:  - )
Titan Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Titan Poker) (Version:  - )
Titan Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Titan Poker) (Version:  - )
Unibet (HKLM-x32\...\unibetpoker (Poker)) (Version: 16.6.2.11243 - )
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {276BB629-0199-42BF-BAC6-BC90F1E8D19B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {2CE61EA3-8367-4FF4-A9EB-260BEA30B8C6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {361D271E-0CA4-4E86-9A1C-4FA94E7BC674} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {7B081EB6-5600-4F79-AADF-C66BF383D857} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7F452686-DE07-4D63-84D8-1D7B65417FA1} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited)
Task: {87F6F9F9-C663-4C70-965E-91B20D563A71} - System32\Tasks\{D52DB24F-08D2-488F-9247-3BFED14AB565} => pcalua.exe -a "C:\Users\will\Downloads\Win64_15338 (1).exe" -d C:\Users\will\Downloads
Task: {9617293C-8EDB-4EE6-9BE4-1E5596597BC6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {9DBFFE45-F5F5-4D6B-8105-346F005DC893} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-01-15] ()
Task: {DEDE3A73-2DCF-4B3A-B2B9-BB2E092640A7} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {E189D715-D336-4134-BE7B-A5EA793C9D02} - System32\Tasks\TiltBreaker => Rundll32.exe /startup
Task: {F2B717F4-1F1A-40CE-929B-DD780FE04DD9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {F5187D26-0CA5-4C6D-84CB-4091AB02304C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-02-11 17:14 - 2015-02-05 10:16 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-22 21:04 - 2014-04-09 10:23 - 00218624 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2014-05-22 21:04 - 2012-08-14 13:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2012-11-30 07:29 - 2012-05-15 22:32 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-03-11 14:17 - 2015-03-11 14:17 - 00106616 _____ () C:\Program Files (x86)\Tilt Breaker\TiltBreakerLib64.dll
2012-11-30 07:27 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-11 17:17 - 2015-02-04 21:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-11 14:17 - 2015-03-11 14:17 - 03699320 _____ () C:\Program Files (x86)\Tilt Breaker\rundll32.exe
2015-03-11 14:17 - 2015-03-11 14:17 - 00182392 _____ () C:\Program Files (x86)\Tilt Breaker\rundll64.exe
2012-11-30 07:29 - 2011-08-02 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2012-11-30 07:29 - 2011-08-02 04:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2012-11-30 07:27 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2012-05-30 17:32 - 2012-05-30 17:32 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2014-02-11 17:14 - 2015-02-05 10:16 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-11 14:17 - 2015-03-11 14:17 - 00566392 _____ () C:\Program Files (x86)\Tilt Breaker\TiltBreakerLib.dll
2011-10-04 07:41 - 2011-10-04 07:41 - 00570947 _____ () C:\Program Files (x86)\Tilt Breaker\sqlite3.dll
2012-11-30 07:25 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-03-14 10:36 - 2015-03-07 07:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libglesv2.dll
2015-03-14 10:36 - 2015-03-07 07:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libegl.dll
2015-03-14 10:36 - 2015-03-07 07:13 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1349373112-78878798-3739382671-500 - Administrator - Disabled)
Gast (S-1-5-21-1349373112-78878798-3739382671-501 - Limited - Disabled)
postgres (S-1-5-21-1349373112-78878798-3739382671-1003 - Limited - Enabled) => C:\Users\postgres
will (S-1-5-21-1349373112-78878798-3739382671-1001 - Administrator - Enabled) => C:\Users\will

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2015 11:03:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x174c
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 11:01:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2015 10:59:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xb1c
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 10:57:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x2100
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 10:57:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x32a0
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 10:56:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x20d0
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 10:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x34c8
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (03/21/2015 09:43:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:52:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casino.exe, Version: 11.2.36.0, Zeitstempel: 0x50bf1588
Name des fehlerhaften Moduls: nvssd450.dll, Version: 0.0.0.0, Zeitstempel: 0x46ff1d16
Ausnahmecode: 0x40000015
Fehleroffset: 0x000ec90f
ID des fehlerhaften Prozesses: 0x12d4
Startzeit der fehlerhaften Anwendung: 0xcasino.exe0
Pfad der fehlerhaften Anwendung: casino.exe1
Pfad des fehlerhaften Moduls: casino.exe2
Berichtskennung: casino.exe3

Error: (03/20/2015 09:53:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/21/2015 11:01:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/21/2015 09:43:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/20/2015 07:20:25 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/20/2015 09:53:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/19/2015 09:43:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/18/2015 09:15:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/17/2015 07:01:17 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/17/2015 09:30:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/16/2015 02:18:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (03/16/2015 10:42:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (03/21/2015 11:03:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c00000050000000000000000174c01d063be48903b8dD:\FRST64.exeunknown87808193-cfb1-11e4-b309-74e543c704cf

Error: (03/21/2015 11:01:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2015 10:59:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c00000050000000000000000b1c01d063bda7e08238D:\FRST64.exeunknowne5b5847d-cfb0-11e4-9a8a-74e543c704cf

Error: (03/21/2015 10:57:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c00000050000000000000000210001d063bd75a07826D:\FRST64.exeunknownb3838ccb-cfb0-11e4-9a8a-74e543c704cf

Error: (03/21/2015 10:57:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c0000005000000000000000032a001d063bd6550a9b1D:\FRST64.exeunknowna33ac351-cfb0-11e4-9a8a-74e543c704cf

Error: (03/21/2015 10:56:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c0000005000000000000000020d001d063bd597b0275D:\FRST64.exeunknown976eb929-cfb0-11e4-9a8a-74e543c704cf

Error: (03/21/2015 10:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011deunknown0.0.0.000000000c0000005000000000000000034c801d063bd4c1343a5D:\FRST64.exeunknown8aefb011-cfb0-11e4-9a8a-74e543c704cf

Error: (03/21/2015 09:43:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:52:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: casino.exe11.2.36.050bf1588nvssd450.dll0.0.0.046ff1d1640000015000ec90f12d401d062eb790f2e61C:\Poker\Boylepoker\casino.exeC:\Poker\Boylepoker\nvssd450.dllc24093c7-cee6-11e4-ab59-74e543c704cf

Error: (03/20/2015 09:53:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-03-15 14:40:53.975
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-15 14:40:52.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-25 15:33:00.338
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-25 15:32:59.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-05 11:22:26.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-05 11:22:25.060
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-03 12:36:49.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-03 12:36:48.673
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 12:15:11.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-30 15:57:20.450
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Percentage of memory in use: 18%
Total physical RAM: 16080.79 MB
Available physical RAM: 13074.57 MB
Total Pagefile: 32159.77 MB
Available Pagefile: 24836.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:34.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Elements) (Fixed) (Total:298.09 GB) (Free:184.03 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 54B82B8B)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 00061ADE)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 21.03.2015, 21:15

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

fatalerror · 21.03.2015, 22:31

Vielen Dank.

Als ich Malwarebytes Anti-Rootkit installieren wollte, kam folgende Meldung

Ich habe auf "nein" geklickt und bin weiter den Anleitungen gefolgt. Hier sind die Logs von Malwarebytes Anti-Rootkit und TDSSKiller. Letzterer moniert postgresql-x64-9.0 (UnsignedFile.Multi.Generic). PostgreSQL nutze ich allerdings schon sehr lange auf diesem Computer.

Die Logs sind scheinbar zu groß für das Forum. Deshalb habe ich sie angehängt.

schrauber · 22.03.2015, 11:31

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

fatalerror · 22.03.2015, 12:53

Alles klar. Vielen Dank für die schnelle Antwort. Hier die Logs:

Code:

ATTFilter

21:49:05.0706 0x0398  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:49:11.0812 0x0398  ============================================================
21:49:11.0812 0x0398  Current date / time: 2015/03/21 21:49:11.0812
21:49:11.0812 0x0398  SystemInfo:
21:49:11.0812 0x0398  
21:49:11.0812 0x0398  OS Version: 6.1.7601 ServicePack: 1.0
21:49:11.0813 0x0398  Product type: Workstation
21:49:11.0813 0x0398  ComputerName: WILL-THINK
21:49:11.0813 0x0398  UserName: will
21:49:11.0813 0x0398  Windows directory: C:\Windows
21:49:11.0813 0x0398  System windows directory: C:\Windows
21:49:11.0813 0x0398  Running under WOW64
21:49:11.0813 0x0398  Processor architecture: Intel x64
21:49:11.0813 0x0398  Number of processors: 4
21:49:11.0813 0x0398  Page size: 0x1000
21:49:11.0813 0x0398  Boot type: Normal boot
21:49:11.0813 0x0398  ============================================================
21:49:11.0907 0x0398  KLMD registered as C:\Windows\system32\drivers\91920987.sys
21:49:12.0004 0x0398  System UUID: {7296B3DA-AF65-F0A1-15CD-B3439A4EFD61}
21:49:12.0355 0x0398  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:49:12.0356 0x0398  Drive \Device\Harddisk1\DR2 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:49:12.0400 0x0398  ============================================================
21:49:12.0400 0x0398  \Device\Harddisk0\DR0:
21:49:12.0401 0x0398  MBR partitions:
21:49:12.0401 0x0398  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
21:49:12.0401 0x0398  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x190DD000
21:49:12.0401 0x0398  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193CB800, BlocksNum 0x1B58000
21:49:12.0401 0x0398  \Device\Harddisk1\DR2:
21:49:12.0401 0x0398  MBR partitions:
21:49:12.0401 0x0398  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542E2B0
21:49:12.0401 0x0398  ============================================================
21:49:12.0403 0x0398  C: <-> \Device\Harddisk0\DR0\Partition2
21:49:12.0403 0x0398  Q: <-> \Device\Harddisk0\DR0\Partition3
21:49:12.0463 0x0398  D: <-> \Device\Harddisk1\DR2\Partition1
21:49:12.0463 0x0398  ============================================================
21:49:12.0463 0x0398  Initialize success
21:49:12.0463 0x0398  ============================================================
21:49:15.0918 0xb348  ============================================================
21:49:15.0918 0xb348  Scan started
21:49:15.0918 0xb348  Mode: Manual; 
21:49:15.0918 0xb348  ============================================================
21:49:15.0918 0xb348  KSN ping started
21:49:25.0944 0xb348  KSN ping finished: true
21:49:26.0616 0xb348  ================ Scan system memory ========================
21:49:26.0616 0xb348  System memory - ok
21:49:26.0616 0xb348  ================ Scan services =============================
21:49:26.0648 0xb348  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:49:26.0653 0xb348  1394ohci - ok
21:49:26.0672 0xb348  [ 1F305C858E7B5E537C9B783D46243A7A, 0DA7B31949C48FB42DBF61EC71ACCFD1CEB3B6135DC3FA0FEC4A9DE25A1405BA ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys
21:49:26.0676 0xb348  5U877 - ok
21:49:26.0686 0xb348  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:49:26.0692 0xb348  ACPI - ok
21:49:26.0695 0xb348  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:49:26.0696 0xb348  AcpiPmi - ok
21:49:26.0703 0xb348  [ 2540FC407E5CCBEEB981755A3B6AFF58, 352520A8E601DEEE45928918216D86775C33E21144F09B807C3E459434062088 ] AcPrfMgrSvc     C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
21:49:26.0706 0xb348  AcPrfMgrSvc - ok
21:49:26.0712 0xb348  [ 5463D786E083B8D50CF44FFF0926CECA, DC9F9D1618B9E604B3AA8685A929B36CEE7847238D4D64B2E0A1B0E4FDC0F3A2 ] AcSvc           C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
21:49:26.0716 0xb348  AcSvc - ok
21:49:26.0720 0xb348  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:49:26.0722 0xb348  AdobeARMservice - ok
21:49:26.0732 0xb348  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:49:26.0739 0xb348  adp94xx - ok
21:49:26.0747 0xb348  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:49:26.0752 0xb348  adpahci - ok
21:49:26.0758 0xb348  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:49:26.0761 0xb348  adpu320 - ok
21:49:26.0766 0xb348  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:49:26.0767 0xb348  AeLookupSvc - ok
21:49:26.0777 0xb348  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:49:26.0785 0xb348  AFD - ok
21:49:26.0788 0xb348  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:49:26.0790 0xb348  agp440 - ok
21:49:26.0793 0xb348  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:49:26.0795 0xb348  ALG - ok
21:49:26.0799 0xb348  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:49:26.0800 0xb348  aliide - ok
21:49:26.0802 0xb348  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:49:26.0803 0xb348  amdide - ok
21:49:26.0807 0xb348  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:49:26.0808 0xb348  AmdK8 - ok
21:49:26.0811 0xb348  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:49:26.0813 0xb348  AmdPPM - ok
21:49:26.0817 0xb348  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:49:26.0819 0xb348  amdsata - ok
21:49:26.0824 0xb348  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:49:26.0827 0xb348  amdsbs - ok
21:49:26.0830 0xb348  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:49:26.0831 0xb348  amdxata - ok
21:49:26.0843 0xb348  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:49:26.0848 0xb348  AntiVirSchedulerService - ok
21:49:26.0857 0xb348  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:49:26.0863 0xb348  AntiVirService - ok
21:49:26.0866 0xb348  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
21:49:26.0868 0xb348  AppID - ok
21:49:26.0871 0xb348  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:49:26.0872 0xb348  AppIDSvc - ok
21:49:26.0876 0xb348  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:49:26.0878 0xb348  Appinfo - ok
21:49:26.0883 0xb348  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:49:26.0887 0xb348  AppMgmt - ok
21:49:26.0890 0xb348  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:49:26.0892 0xb348  arc - ok
21:49:26.0896 0xb348  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:49:26.0898 0xb348  arcsas - ok
21:49:26.0909 0xb348  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:49:26.0910 0xb348  aspnet_state - ok
21:49:26.0913 0xb348  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:49:26.0914 0xb348  AsyncMac - ok
21:49:26.0917 0xb348  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:49:26.0918 0xb348  atapi - ok
21:49:26.0931 0xb348  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:49:26.0940 0xb348  AudioEndpointBuilder - ok
21:49:26.0953 0xb348  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:49:26.0961 0xb348  AudioSrv - ok
21:49:26.0966 0xb348  [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:49:26.0968 0xb348  avgntflt - ok
21:49:26.0972 0xb348  [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:49:26.0974 0xb348  avipbb - ok
21:49:26.0977 0xb348  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:49:26.0978 0xb348  avkmgr - ok
21:49:26.0983 0xb348  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:49:26.0985 0xb348  AxInstSV - ok
21:49:26.0995 0xb348  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:49:27.0001 0xb348  b06bdrv - ok
21:49:27.0008 0xb348  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:49:27.0013 0xb348  b57nd60a - ok
21:49:27.0019 0xb348  [ F01759FA97126CC69DFA85CEDA0717A1, 5B23B61562349D13311B7FCF783BDC9439698DACA5724B83B3568121497C7FC8 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
21:49:27.0022 0xb348  bcbtums - ok
21:49:27.0026 0xb348  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:49:27.0028 0xb348  BDESVC - ok
21:49:27.0030 0xb348  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:49:27.0031 0xb348  Beep - ok
21:49:27.0045 0xb348  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:49:27.0055 0xb348  BFE - ok
21:49:27.0071 0xb348  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:49:27.0082 0xb348  BITS - ok
21:49:27.0085 0xb348  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:49:27.0086 0xb348  blbdrive - ok
21:49:27.0090 0xb348  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:49:27.0092 0xb348  bowser - ok
21:49:27.0095 0xb348  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:49:27.0095 0xb348  BrFiltLo - ok
21:49:27.0098 0xb348  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:49:27.0099 0xb348  BrFiltUp - ok
21:49:27.0103 0xb348  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:49:27.0106 0xb348  Browser - ok
21:49:27.0112 0xb348  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:49:27.0117 0xb348  Brserid - ok
21:49:27.0120 0xb348  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:49:27.0121 0xb348  BrSerWdm - ok
21:49:27.0124 0xb348  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:49:27.0125 0xb348  BrUsbMdm - ok
21:49:27.0127 0xb348  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:49:27.0128 0xb348  BrUsbSer - ok
21:49:27.0132 0xb348  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:49:27.0133 0xb348  BthEnum - ok
21:49:27.0136 0xb348  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:49:27.0138 0xb348  BTHMODEM - ok
21:49:27.0142 0xb348  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:49:27.0144 0xb348  BthPan - ok
21:49:27.0155 0xb348  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:49:27.0163 0xb348  BTHPORT - ok
21:49:27.0167 0xb348  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:49:27.0169 0xb348  bthserv - ok
21:49:27.0172 0xb348  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:49:27.0174 0xb348  BTHUSB - ok
21:49:27.0185 0xb348  [ 3AFF6DC496B8A8D12C867E3FC7C86FAC, 72541F7F9AF6278B8F19F2DBCCADC4FF47171866E04FB5A1010D9AFDF69F7D11 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
21:49:27.0194 0xb348  btwampfl - ok
21:49:27.0200 0xb348  [ 336BBA0909B3636AB7D06A71D7B1C0DC, 3BC7593272101C340681A9909F9215580F8942DA54E9B251E3AC35B8D39D9B89 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
21:49:27.0203 0xb348  btwaudio - ok
21:49:27.0209 0xb348  [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
21:49:27.0212 0xb348  btwavdt - ok
21:49:27.0231 0xb348  [ 26A80D7ACA49E03A403806418B5FED46, 52539FC9F5796002FD66393C759393717E3E242392B2E9039AD12B6D973B78BD ] btwdins         C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
21:49:27.0244 0xb348  btwdins - ok
21:49:27.0248 0xb348  [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
21:49:27.0249 0xb348  btwl2cap - ok
21:49:27.0252 0xb348  [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
21:49:27.0253 0xb348  btwrchid - ok
21:49:27.0257 0xb348  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:49:27.0259 0xb348  cdfs - ok
21:49:27.0263 0xb348  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:49:27.0266 0xb348  cdrom - ok
21:49:27.0270 0xb348  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:49:27.0272 0xb348  CertPropSvc - ok
21:49:27.0275 0xb348  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:49:27.0276 0xb348  circlass - ok
21:49:27.0284 0xb348  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:49:27.0289 0xb348  CLFS - ok
21:49:27.0295 0xb348  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:49:27.0297 0xb348  clr_optimization_v2.0.50727_32 - ok
21:49:27.0301 0xb348  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:49:27.0303 0xb348  clr_optimization_v2.0.50727_64 - ok
21:49:27.0312 0xb348  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:49:27.0313 0xb348  clr_optimization_v4.0.30319_32 - ok
21:49:27.0317 0xb348  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:49:27.0320 0xb348  clr_optimization_v4.0.30319_64 - ok
21:49:27.0322 0xb348  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:49:27.0323 0xb348  CmBatt - ok
21:49:27.0326 0xb348  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:49:27.0327 0xb348  cmdide - ok
21:49:27.0336 0xb348  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
21:49:27.0343 0xb348  CNG - ok
21:49:27.0346 0xb348  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:49:27.0347 0xb348  Compbatt - ok
21:49:27.0350 0xb348  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:49:27.0351 0xb348  CompositeBus - ok
21:49:27.0354 0xb348  COMSysApp - ok
21:49:27.0376 0xb348  [ EB726E02074FDC44EBE97E01A2660AA6, D4C64BF00D71BB7A3DB429EF8B648056067A3FE857F72DD9CE4944A1359BE05D ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:49:27.0381 0xb348  cphs - ok
21:49:27.0384 0xb348  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:49:27.0385 0xb348  crcdisk - ok
21:49:27.0392 0xb348  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:49:27.0396 0xb348  CryptSvc - ok
21:49:27.0407 0xb348  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:49:27.0416 0xb348  CSC - ok
21:49:27.0428 0xb348  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:49:27.0438 0xb348  CscService - ok
21:49:27.0450 0xb348  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:49:27.0457 0xb348  DcomLaunch - ok
21:49:27.0464 0xb348  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:49:27.0469 0xb348  defragsvc - ok
21:49:27.0473 0xb348  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:49:27.0475 0xb348  DfsC - ok
21:49:27.0481 0xb348  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:49:27.0487 0xb348  Dhcp - ok
21:49:27.0490 0xb348  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:49:27.0491 0xb348  discache - ok
21:49:27.0494 0xb348  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:49:27.0496 0xb348  Disk - ok
21:49:27.0499 0xb348  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:49:27.0501 0xb348  dmvsc - ok
21:49:27.0506 0xb348  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:49:27.0509 0xb348  Dnscache - ok
21:49:27.0515 0xb348  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:49:27.0520 0xb348  dot3svc - ok
21:49:27.0528 0xb348  [ 9597BCB69286FF017DB1A0FB8144408D, B477E4E7C3B49A77075B3165079E29FF1908C81E2BCCB930B47DCCF7DA5C417C ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
21:49:27.0533 0xb348  DozeSvc - ok
21:49:27.0538 0xb348  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:49:27.0541 0xb348  DPS - ok
21:49:27.0543 0xb348  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:49:27.0544 0xb348  drmkaud - ok
21:49:27.0561 0xb348  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:49:27.0575 0xb348  DXGKrnl - ok
21:49:27.0578 0xb348  [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys
21:49:27.0579 0xb348  DzHDD64 - ok
21:49:27.0587 0xb348  [ 03F4C5C12FC1C69F838DA723475EF650, 7D80623ED1060F904AF85B87620DF8DC153504FABC0E447C1D3A07D0372D7B9F ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:49:27.0592 0xb348  e1cexpress - ok
21:49:27.0597 0xb348  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:49:27.0599 0xb348  EapHost - ok
21:49:27.0651 0xb348  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:49:27.0696 0xb348  ebdrv - ok
21:49:27.0702 0xb348  [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis       C:\Windows\system32\Drivers\wwuss64.sys
21:49:27.0703 0xb348  ecnssndis - ok
21:49:27.0706 0xb348  [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr   C:\Windows\system32\Drivers\wwussf64.sys
21:49:27.0707 0xb348  ecnssndisfltr - ok
21:49:27.0710 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
21:49:27.0712 0xb348  EFS - ok
21:49:27.0724 0xb348  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:49:27.0735 0xb348  ehRecvr - ok
21:49:27.0739 0xb348  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:49:27.0741 0xb348  ehSched - ok
21:49:27.0751 0xb348  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:49:27.0759 0xb348  elxstor - ok
21:49:27.0763 0xb348  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:49:27.0763 0xb348  ErrDev - ok
21:49:27.0773 0xb348  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:49:27.0779 0xb348  EventSystem - ok
21:49:27.0792 0xb348  [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:49:27.0801 0xb348  EvtEng - ok
21:49:27.0807 0xb348  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:49:27.0810 0xb348  exfat - ok
21:49:27.0816 0xb348  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:49:27.0819 0xb348  fastfat - ok
21:49:27.0832 0xb348  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:49:27.0843 0xb348  Fax - ok
21:49:27.0846 0xb348  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:49:27.0847 0xb348  fdc - ok
21:49:27.0850 0xb348  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:49:27.0851 0xb348  fdPHost - ok
21:49:27.0854 0xb348  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:49:27.0855 0xb348  FDResPub - ok
21:49:27.0858 0xb348  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:49:27.0860 0xb348  FileInfo - ok
21:49:27.0863 0xb348  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:49:27.0864 0xb348  Filetrace - ok
21:49:27.0867 0xb348  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:49:27.0868 0xb348  flpydisk - ok
21:49:27.0874 0xb348  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:49:27.0879 0xb348  FltMgr - ok
21:49:27.0899 0xb348  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:49:27.0916 0xb348  FontCache - ok
21:49:27.0920 0xb348  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:49:27.0921 0xb348  FontCache3.0.0.0 - ok
21:49:27.0924 0xb348  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:49:27.0926 0xb348  FsDepends - ok
21:49:27.0929 0xb348  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:49:27.0930 0xb348  Fs_Rec - ok
21:49:27.0936 0xb348  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:49:27.0939 0xb348  fvevol - ok
21:49:27.0943 0xb348  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:49:27.0944 0xb348  gagp30kx - ok
21:49:27.0959 0xb348  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:49:27.0970 0xb348  gpsvc - ok
21:49:27.0975 0xb348  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:49:27.0976 0xb348  gupdate - ok
21:49:27.0980 0xb348  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:49:27.0981 0xb348  gupdatem - ok
21:49:27.0986 0xb348  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:49:27.0990 0xb348  gusvc - ok
21:49:27.0993 0xb348  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:49:27.0994 0xb348  hcw85cir - ok
21:49:28.0001 0xb348  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:49:28.0006 0xb348  HdAudAddService - ok
21:49:28.0011 0xb348  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:49:28.0013 0xb348  HDAudBus - ok
21:49:28.0016 0xb348  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:49:28.0017 0xb348  HidBatt - ok
21:49:28.0021 0xb348  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:49:28.0023 0xb348  HidBth - ok
21:49:28.0026 0xb348  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:49:28.0028 0xb348  HidIr - ok
21:49:28.0031 0xb348  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:49:28.0033 0xb348  hidserv - ok
21:49:28.0036 0xb348  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:49:28.0037 0xb348  HidUsb - ok
21:49:28.0041 0xb348  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:49:28.0043 0xb348  hkmsvc - ok
21:49:28.0049 0xb348  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:49:28.0053 0xb348  HomeGroupListener - ok
21:49:28.0058 0xb348  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:49:28.0062 0xb348  HomeGroupProvider - ok
21:49:28.0066 0xb348  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:49:28.0068 0xb348  HpSAMD - ok
21:49:28.0080 0xb348  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:49:28.0092 0xb348  HTTP - ok
21:49:28.0095 0xb348  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:49:28.0096 0xb348  hwpolicy - ok
21:49:28.0100 0xb348  [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
21:49:28.0103 0xb348  HyperW7Svc - ok
21:49:28.0107 0xb348  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:49:28.0109 0xb348  i8042prt - ok
21:49:28.0121 0xb348  [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
21:49:28.0128 0xb348  iaStor - ok
21:49:28.0137 0xb348  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:49:28.0143 0xb348  iaStorV - ok
21:49:28.0146 0xb348  [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:49:28.0148 0xb348  IBMPMDRV - ok
21:49:28.0150 0xb348  [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
21:49:28.0152 0xb348  IBMPMSVC - ok
21:49:28.0168 0xb348  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:49:28.0180 0xb348  idsvc - ok
21:49:28.0183 0xb348  IEEtwCollectorService - ok
21:49:28.0340 0xb348  [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:49:28.0463 0xb348  igfx - ok
21:49:28.0475 0xb348  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:49:28.0476 0xb348  iirsp - ok
21:49:28.0492 0xb348  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:49:28.0504 0xb348  IKEEXT - ok
21:49:28.0510 0xb348  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:49:28.0511 0xb348  intaud_WaveExtensible - ok
21:49:28.0567 0xb348  [ 0CDE7928C4B99C25AAED3B4E84E78168, 5B5444574551D2637A3827F26D248573AECE1B12DFA175C13B10B2A777AD2513 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:49:28.0617 0xb348  IntcAzAudAddService - ok
21:49:28.0627 0xb348  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:49:28.0633 0xb348  IntcDAud - ok
21:49:28.0645 0xb348  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:49:28.0654 0xb348  Intel(R) Capability Licensing Service Interface - ok
21:49:28.0658 0xb348  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:49:28.0659 0xb348  intelide - ok
21:49:28.0663 0xb348  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:49:28.0664 0xb348  intelppm - ok
21:49:28.0668 0xb348  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:49:28.0671 0xb348  IPBusEnum - ok
21:49:28.0674 0xb348  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:49:28.0676 0xb348  IpFilterDriver - ok
21:49:28.0686 0xb348  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:49:28.0695 0xb348  iphlpsvc - ok
21:49:28.0699 0xb348  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:49:28.0701 0xb348  IPMIDRV - ok
21:49:28.0705 0xb348  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:49:28.0707 0xb348  IPNAT - ok
21:49:28.0710 0xb348  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:49:28.0711 0xb348  IRENUM - ok
21:49:28.0714 0xb348  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:49:28.0715 0xb348  isapnp - ok
21:49:28.0721 0xb348  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:49:28.0726 0xb348  iScsiPrt - ok
21:49:28.0729 0xb348  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:49:28.0730 0xb348  iusb3hcs - ok
21:49:28.0737 0xb348  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:49:28.0743 0xb348  iusb3hub - ok
21:49:28.0757 0xb348  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:49:28.0769 0xb348  iusb3xhc - ok
21:49:28.0773 0xb348  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
21:49:28.0774 0xb348  iwdbus - ok
21:49:28.0779 0xb348  [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:49:28.0782 0xb348  jhi_service - ok
21:49:28.0786 0xb348  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:49:28.0787 0xb348  kbdclass - ok
21:49:28.0790 0xb348  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:49:28.0791 0xb348  kbdhid - ok
21:49:28.0794 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
21:49:28.0795 0xb348  KeyIso - ok
21:49:28.0799 0xb348  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:49:28.0801 0xb348  KSecDD - ok
21:49:28.0805 0xb348  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:49:28.0808 0xb348  KSecPkg - ok
21:49:28.0811 0xb348  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:49:28.0812 0xb348  ksthunk - ok
21:49:28.0820 0xb348  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:49:28.0826 0xb348  KtmRm - ok
21:49:28.0830 0xb348  [ 3BE0319D6F9D5A0C4DDD037E0E19FFD4, 587F5FF690A40DD5F3F59CF8FA8FC8691846633462EB8220367F5193F5401CBE ] l36wgps         C:\Windows\system32\DRIVERS\l36wgps64.sys
21:49:28.0832 0xb348  l36wgps - ok
21:49:28.0839 0xb348  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:49:28.0844 0xb348  LanmanServer - ok
21:49:28.0848 0xb348  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:49:28.0852 0xb348  LanmanWorkstation - ok
21:49:28.0856 0xb348  [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:49:28.0857 0xb348  LENOVO.CAMMUTE - ok
21:49:28.0861 0xb348  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:49:28.0863 0xb348  LENOVO.MICMUTE - ok
21:49:28.0865 0xb348  [ 93921A19D885755B9751C3744DBCB8FD, A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:49:28.0867 0xb348  LENOVO.TPKNRSVC - ok
21:49:28.0872 0xb348  [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM  C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
21:49:28.0875 0xb348  LENOVO.TVTVCAM - ok
21:49:28.0879 0xb348  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:49:28.0882 0xb348  Lenovo.VIRTSCRLSVC - ok
21:49:28.0885 0xb348  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:49:28.0887 0xb348  lltdio - ok
21:49:28.0894 0xb348  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:49:28.0899 0xb348  lltdsvc - ok
21:49:28.0902 0xb348  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:49:28.0903 0xb348  lmhosts - ok
21:49:28.0909 0xb348  [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:49:28.0913 0xb348  LMS - ok
21:49:28.0923 0xb348  [ 25F003B378E831514587DC6155781227, 7E68BED3721B9B917DDF215E572EEC4D1B30805CB8C274222450F65AA6B9D945 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
21:49:28.0928 0xb348  LSCWinService - ok
21:49:28.0933 0xb348  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:49:28.0935 0xb348  LSI_FC - ok
21:49:28.0939 0xb348  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:49:28.0941 0xb348  LSI_SAS - ok
21:49:28.0945 0xb348  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:49:28.0947 0xb348  LSI_SAS2 - ok
21:49:28.0950 0xb348  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:49:28.0953 0xb348  LSI_SCSI - ok
21:49:28.0958 0xb348  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:49:28.0960 0xb348  luafv - ok
21:49:28.0964 0xb348  [ FD998B716E1EBFE1174098FB9AA08635, FE010E7E3E583C3F3EC8D602B43C98CB91D047ED87E82B8D472E9C7391938E82 ] MacheenService  C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
21:49:28.0965 0xb348  MacheenService - ok
21:49:28.0968 0xb348  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:49:28.0969 0xb348  MBAMProtector - ok
21:49:29.0001 0xb348  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:49:29.0027 0xb348  MBAMScheduler - ok
21:49:29.0045 0xb348  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:49:29.0059 0xb348  MBAMService - ok
21:49:29.0065 0xb348  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:49:29.0067 0xb348  MBAMSwissArmy - ok
21:49:29.0070 0xb348  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:49:29.0071 0xb348  MBAMWebAccessControl - ok
21:49:29.0080 0xb348  [ 62732AF9512B911C330ACBBDBCC2F284, CBF2D4D21F96465FD693E2F3052675D1D7F23BE86098D08EF22E52D94E8C95E4 ] Mbm3CBus        C:\Windows\system32\DRIVERS\Mbm3CBus.sys
21:49:29.0087 0xb348  Mbm3CBus - ok
21:49:29.0095 0xb348  [ BDC2D259CA9CFCED092B3B0B8557322D, A2C50A5BAE7B3AB0C1D8057FD15DFAB3F8B653A8A8B78572926B9CCEE032A8EA ] Mbm3DevMt       C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
21:49:29.0102 0xb348  Mbm3DevMt - ok
21:49:29.0105 0xb348  [ E55689A5E9349182C24312EFC9DF09FB, 6FD98B61C764215402625412E9E3F214020257C09F25C3B21C70AA46EC39019D ] Mbm3mdfl        C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
21:49:29.0106 0xb348  Mbm3mdfl - ok
21:49:29.0116 0xb348  [ FC1059C857D7B1083086BE04DB5EE09C, BF55702BBB6A0152F63A30E0897C42ED3F51CC1AD78C49F3589D423591C031E8 ] Mbm3Mdm         C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
21:49:29.0123 0xb348  Mbm3Mdm - ok
21:49:29.0127 0xb348  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:49:29.0129 0xb348  Mcx2Svc - ok
21:49:29.0132 0xb348  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:49:29.0133 0xb348  megasas - ok
21:49:29.0139 0xb348  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:49:29.0144 0xb348  MegaSR - ok
21:49:29.0147 0xb348  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:49:29.0149 0xb348  MEIx64 - ok
21:49:29.0152 0xb348  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:49:29.0154 0xb348  MMCSS - ok
21:49:29.0157 0xb348  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:49:29.0158 0xb348  Modem - ok
21:49:29.0161 0xb348  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:49:29.0162 0xb348  monitor - ok
21:49:29.0165 0xb348  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:49:29.0167 0xb348  mouclass - ok
21:49:29.0169 0xb348  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:49:29.0170 0xb348  mouhid - ok
21:49:29.0174 0xb348  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:49:29.0176 0xb348  mountmgr - ok
21:49:29.0181 0xb348  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:49:29.0183 0xb348  mpio - ok
21:49:29.0187 0xb348  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:49:29.0189 0xb348  mpsdrv - ok
21:49:29.0204 0xb348  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:49:29.0217 0xb348  MpsSvc - ok
21:49:29.0222 0xb348  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:49:29.0225 0xb348  MRxDAV - ok
21:49:29.0230 0xb348  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:49:29.0232 0xb348  mrxsmb - ok
21:49:29.0239 0xb348  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:49:29.0244 0xb348  mrxsmb10 - ok
21:49:29.0248 0xb348  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:49:29.0251 0xb348  mrxsmb20 - ok
21:49:29.0254 0xb348  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:49:29.0255 0xb348  msahci - ok
21:49:29.0259 0xb348  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:49:29.0262 0xb348  msdsm - ok
21:49:29.0266 0xb348  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:49:29.0269 0xb348  MSDTC - ok
21:49:29.0274 0xb348  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:49:29.0275 0xb348  Msfs - ok
21:49:29.0278 0xb348  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:49:29.0279 0xb348  mshidkmdf - ok
21:49:29.0281 0xb348  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:49:29.0282 0xb348  msisadrv - ok
21:49:29.0287 0xb348  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:49:29.0290 0xb348  MSiSCSI - ok
21:49:29.0292 0xb348  msiserver - ok
21:49:29.0295 0xb348  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:49:29.0296 0xb348  MSKSSRV - ok
21:49:29.0298 0xb348  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:49:29.0299 0xb348  MSPCLOCK - ok
21:49:29.0301 0xb348  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:49:29.0302 0xb348  MSPQM - ok
21:49:29.0310 0xb348  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:49:29.0316 0xb348  MsRPC - ok
21:49:29.0320 0xb348  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:49:29.0321 0xb348  mssmbios - ok
21:49:29.0324 0xb348  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:49:29.0325 0xb348  MSTEE - ok
21:49:29.0329 0xb348  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:49:29.0330 0xb348  MTConfig - ok
21:49:29.0334 0xb348  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:49:29.0336 0xb348  Mup - ok
21:49:29.0342 0xb348  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:49:29.0346 0xb348  MyWiFiDHCPDNS - ok
21:49:29.0356 0xb348  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:49:29.0365 0xb348  napagent - ok
21:49:29.0372 0xb348  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:49:29.0377 0xb348  NativeWifiP - ok
21:49:29.0395 0xb348  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:49:29.0409 0xb348  NDIS - ok
21:49:29.0413 0xb348  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:49:29.0414 0xb348  NdisCap - ok
21:49:29.0417 0xb348  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:49:29.0418 0xb348  NdisTapi - ok
21:49:29.0421 0xb348  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:49:29.0422 0xb348  Ndisuio - ok
21:49:29.0428 0xb348  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:49:29.0431 0xb348  NdisWan - ok
21:49:29.0434 0xb348  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:49:29.0436 0xb348  NDProxy - ok
21:49:29.0439 0xb348  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:49:29.0440 0xb348  NetBIOS - ok
21:49:29.0446 0xb348  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:49:29.0450 0xb348  NetBT - ok
21:49:29.0453 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
21:49:29.0454 0xb348  Netlogon - ok
21:49:29.0462 0xb348  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:49:29.0468 0xb348  Netman - ok
21:49:29.0478 0xb348  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:49:29.0481 0xb348  NetMsmqActivator - ok
21:49:29.0485 0xb348  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:49:29.0487 0xb348  NetPipeActivator - ok
21:49:29.0496 0xb348  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:49:29.0502 0xb348  netprofm - ok
21:49:29.0507 0xb348  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:49:29.0509 0xb348  NetTcpActivator - ok
21:49:29.0513 0xb348  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:49:29.0515 0xb348  NetTcpPortSharing - ok
21:49:29.0685 0xb348  [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:49:29.0844 0xb348  NETwNs64 - ok
21:49:29.0859 0xb348  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:49:29.0860 0xb348  nfrd960 - ok
21:49:29.0866 0xb348  [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
21:49:29.0870 0xb348  NitroDriverReadSpool2 - ok
21:49:29.0877 0xb348  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:49:29.0882 0xb348  NlaSvc - ok
21:49:29.0885 0xb348  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:49:29.0886 0xb348  Npfs - ok
21:49:29.0889 0xb348  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:49:29.0891 0xb348  nsi - ok
21:49:29.0893 0xb348  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:49:29.0894 0xb348  nsiproxy - ok
21:49:29.0924 0xb348  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:49:29.0948 0xb348  Ntfs - ok
21:49:29.0952 0xb348  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:49:29.0953 0xb348  Null - ok
21:49:30.0159 0xb348  [ 23FDD36706F27B9BAECE11E6C1804F00, 999F7C22C1FF24B17BF4767FA701863F3F9D7483AA200A7DE709DE272DA45DC0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:49:30.0352 0xb348  nvlddmkm - ok
21:49:30.0396 0xb348  [ E024300408694566DDF65AB5E004F880, EE3B7863F993952308BFD8E4BB39F4D107BC94C0B97ED2A5BAAB8F4C9A6A67D0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:49:30.0423 0xb348  NvNetworkService - ok
21:49:30.0428 0xb348  [ 98B1C3093E7012691882111DB7978103, 94396175E50ADF087FE06167B9AF676ADB7C6629D5A8736EA7BC4AAD4F88AB47 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
21:49:30.0429 0xb348  nvpciflt - ok
21:49:30.0434 0xb348  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:49:30.0437 0xb348  nvraid - ok
21:49:30.0442 0xb348  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:49:30.0445 0xb348  nvstor - ok
21:49:30.0462 0xb348  [ D80BAD4DF433124BAAF4ED975723B387, 915DD9AF4A87B6C823DA8992BAAED0E06210E712CE8E7F940D2E8B8D345A6113 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:49:30.0475 0xb348  nvsvc - ok
21:49:30.0480 0xb348  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:49:30.0483 0xb348  nv_agp - ok
21:49:30.0486 0xb348  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:49:30.0488 0xb348  ohci1394 - ok
21:49:30.0495 0xb348  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:49:30.0501 0xb348  p2pimsvc - ok
21:49:30.0510 0xb348  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:49:30.0517 0xb348  p2psvc - ok
21:49:30.0521 0xb348  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:49:30.0523 0xb348  Parport - ok
21:49:30.0528 0xb348  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:49:30.0530 0xb348  partmgr - ok
21:49:30.0535 0xb348  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:49:30.0539 0xb348  PcaSvc - ok
21:49:30.0544 0xb348  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:49:30.0547 0xb348  pci - ok
21:49:30.0550 0xb348  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:49:30.0551 0xb348  pciide - ok
21:49:30.0557 0xb348  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:49:30.0561 0xb348  pcmcia - ok
21:49:30.0564 0xb348  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:49:30.0565 0xb348  pcw - ok
21:49:30.0577 0xb348  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:49:30.0587 0xb348  PEAUTH - ok
21:49:30.0611 0xb348  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:49:30.0631 0xb348  PeerDistSvc - ok
21:49:30.0652 0xb348  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:49:30.0654 0xb348  PerfHost - ok
21:49:30.0659 0xb348  [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
21:49:30.0660 0xb348  PHCORE - ok
21:49:30.0683 0xb348  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:49:30.0704 0xb348  pla - ok
21:49:30.0714 0xb348  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:49:30.0720 0xb348  PlugPlay - ok
21:49:30.0724 0xb348  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:49:30.0725 0xb348  PNRPAutoReg - ok
21:49:30.0732 0xb348  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:49:30.0736 0xb348  PNRPsvc - ok
21:49:30.0747 0xb348  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:49:30.0755 0xb348  PolicyAgent - ok
21:49:30.0761 0xb348  [ 97409FF50403E1E83E3455BEB2E258D3, C16D10CC41820C34E3C9BACB06285E57B7656AA9F6D6D15CD79A19DBAA046771 ] postgresql-x64-9.0 C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
21:49:30.0764 0xb348  postgresql-x64-9.0 - ok
21:49:30.0768 0xb348  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
21:49:30.0772 0xb348  Power - ok
21:49:30.0800 0xb348  [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:49:30.0824 0xb348  Power Manager DBC Service - ok
21:49:30.0829 0xb348  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:49:30.0831 0xb348  PptpMiniport - ok
21:49:30.0835 0xb348  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:49:30.0836 0xb348  Processor - ok
21:49:30.0842 0xb348  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:49:30.0846 0xb348  ProfSvc - ok
21:49:30.0848 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:49:30.0850 0xb348  ProtectedStorage - ok
21:49:30.0853 0xb348  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
21:49:30.0854 0xb348  psadd - ok
21:49:30.0858 0xb348  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:49:30.0861 0xb348  Psched - ok
21:49:30.0866 0xb348  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:49:30.0869 0xb348  PSI_SVC_2 - ok
21:49:30.0896 0xb348  [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc        C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
21:49:30.0920 0xb348  PwmEWSvc - ok
21:49:30.0947 0xb348  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:49:30.0968 0xb348  ql2300 - ok
21:49:30.0973 0xb348  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:49:30.0976 0xb348  ql40xx - ok
21:49:30.0982 0xb348  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:49:30.0986 0xb348  QWAVE - ok
21:49:30.0989 0xb348  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:49:30.0991 0xb348  QWAVEdrv - ok
21:49:30.0993 0xb348  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:49:30.0994 0xb348  RasAcd - ok
21:49:30.0998 0xb348  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:49:30.0999 0xb348  RasAgileVpn - ok
21:49:31.0003 0xb348  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:49:31.0006 0xb348  RasAuto - ok
21:49:31.0010 0xb348  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:49:31.0012 0xb348  Rasl2tp - ok
21:49:31.0020 0xb348  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:49:31.0025 0xb348  RasMan - ok
21:49:31.0030 0xb348  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:49:31.0032 0xb348  RasPppoe - ok
21:49:31.0035 0xb348  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:49:31.0037 0xb348  RasSstp - ok
21:49:31.0044 0xb348  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:49:31.0049 0xb348  rdbss - ok
21:49:31.0052 0xb348  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:49:31.0053 0xb348  rdpbus - ok
21:49:31.0055 0xb348  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:49:31.0056 0xb348  RDPCDD - ok
21:49:31.0062 0xb348  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:49:31.0065 0xb348  RDPDR - ok
21:49:31.0067 0xb348  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:49:31.0068 0xb348  RDPENCDD - ok
21:49:31.0071 0xb348  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:49:31.0072 0xb348  RDPREFMP - ok
21:49:31.0077 0xb348  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:49:31.0081 0xb348  RDPWD - ok
21:49:31.0086 0xb348  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:49:31.0090 0xb348  rdyboost - ok
21:49:31.0095 0xb348  [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:49:31.0098 0xb348  RegSrvc - ok
21:49:31.0102 0xb348  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:49:31.0104 0xb348  RemoteAccess - ok
21:49:31.0109 0xb348  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:49:31.0112 0xb348  RemoteRegistry - ok
21:49:31.0117 0xb348  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:49:31.0120 0xb348  RFCOMM - ok
21:49:31.0124 0xb348  [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys
21:49:31.0126 0xb348  risdxc - ok
21:49:31.0129 0xb348  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:49:31.0131 0xb348  RpcEptMapper - ok
21:49:31.0134 0xb348  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:49:31.0135 0xb348  RpcLocator - ok
21:49:31.0145 0xb348  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:49:31.0152 0xb348  RpcSs - ok
21:49:31.0155 0xb348  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:49:31.0157 0xb348  rspndr - ok
21:49:31.0160 0xb348  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:49:31.0160 0xb348  s3cap - ok
21:49:31.0163 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
21:49:31.0164 0xb348  SamSs - ok
21:49:31.0168 0xb348  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:49:31.0170 0xb348  sbp2port - ok
21:49:31.0175 0xb348  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:49:31.0179 0xb348  SCardSvr - ok
21:49:31.0182 0xb348  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:49:31.0183 0xb348  scfilter - ok
21:49:31.0202 0xb348  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:49:31.0218 0xb348  Schedule - ok
21:49:31.0223 0xb348  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:49:31.0224 0xb348  SCPolicySvc - ok
21:49:31.0229 0xb348  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:49:31.0233 0xb348  SDRSVC - ok
21:49:31.0235 0xb348  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:49:31.0236 0xb348  secdrv - ok
21:49:31.0239 0xb348  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:49:31.0241 0xb348  seclogon - ok
21:49:31.0245 0xb348  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:49:31.0247 0xb348  SENS - ok
21:49:31.0250 0xb348  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:49:31.0252 0xb348  SensrSvc - ok
21:49:31.0255 0xb348  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:49:31.0256 0xb348  Serenum - ok
21:49:31.0261 0xb348  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:49:31.0263 0xb348  Serial - ok
21:49:31.0265 0xb348  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:49:31.0267 0xb348  sermouse - ok
21:49:31.0274 0xb348  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:49:31.0277 0xb348  SessionEnv - ok
21:49:31.0280 0xb348  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:49:31.0281 0xb348  sffdisk - ok
21:49:31.0283 0xb348  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:49:31.0284 0xb348  sffp_mmc - ok
21:49:31.0287 0xb348  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:49:31.0288 0xb348  sffp_sd - ok
21:49:31.0290 0xb348  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:49:31.0291 0xb348  sfloppy - ok
21:49:31.0299 0xb348  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:49:31.0305 0xb348  SharedAccess - ok
21:49:31.0313 0xb348  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:49:31.0319 0xb348  ShellHWDetection - ok
21:49:31.0324 0xb348  [ 7AC6FBFC13ABA3F15B05986412D10E10, B93E0E18C9883BAE7238389B8E2E3D66CB925BD62B293625FF8B6C3AF4501EC8 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
21:49:31.0327 0xb348  Shockprf - ok
21:49:31.0329 0xb348  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:49:31.0331 0xb348  SiSRaid2 - ok
21:49:31.0334 0xb348  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:49:31.0336 0xb348  SiSRaid4 - ok
21:49:31.0339 0xb348  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:49:31.0341 0xb348  Smb - ok
21:49:31.0344 0xb348  smihlp2 - ok
21:49:31.0349 0xb348  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:49:31.0351 0xb348  SNMPTRAP - ok
21:49:31.0353 0xb348  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:49:31.0354 0xb348  spldr - ok
21:49:31.0365 0xb348  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:49:31.0374 0xb348  Spooler - ok
21:49:31.0429 0xb348  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:49:31.0479 0xb348  sppsvc - ok
21:49:31.0486 0xb348  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:49:31.0488 0xb348  sppuinotify - ok
21:49:31.0497 0xb348  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:49:31.0504 0xb348  srv - ok
21:49:31.0513 0xb348  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:49:31.0519 0xb348  srv2 - ok
21:49:31.0525 0xb348  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:49:31.0528 0xb348  srvnet - ok
21:49:31.0533 0xb348  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:49:31.0536 0xb348  SSDPSRV - ok
21:49:31.0541 0xb348  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:49:31.0543 0xb348  SstpSvc - ok
21:49:31.0546 0xb348  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:49:31.0547 0xb348  stexstor - ok
21:49:31.0558 0xb348  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:49:31.0567 0xb348  stisvc - ok
21:49:31.0571 0xb348  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:49:31.0572 0xb348  storflt - ok
21:49:31.0575 0xb348  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:49:31.0577 0xb348  StorSvc - ok
21:49:31.0580 0xb348  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:49:31.0581 0xb348  storvsc - ok
21:49:31.0589 0xb348  [ 1DF68711507D486946FCB58BDE5FE2FF, 2B89E4939466BA3F5715E6831675F3456533D6E45A12D6C13210BAC29AF9A844 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:49:31.0590 0xb348  SUService - ok
21:49:31.0593 0xb348  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:49:31.0594 0xb348  swenum - ok
21:49:31.0604 0xb348  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:49:31.0612 0xb348  swprv - ok
21:49:31.0622 0xb348  [ 883D2880144FD3ED9F1C04B5B5B9B562, 17C582DE9E614F3AFF76ED808358E1006A5AAFEDAE155F6FB527A1AEE3AFF3EF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:49:31.0629 0xb348  SynTP - ok
21:49:31.0658 0xb348  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:49:31.0681 0xb348  SysMain - ok
21:49:31.0686 0xb348  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:49:31.0689 0xb348  TabletInputService - ok
21:49:31.0696 0xb348  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:49:31.0701 0xb348  TapiSrv - ok
21:49:31.0705 0xb348  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:49:31.0707 0xb348  TBS - ok
21:49:31.0740 0xb348  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:49:31.0767 0xb348  Tcpip - ok
21:49:31.0803 0xb348  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:49:31.0827 0xb348  TCPIP6 - ok
21:49:31.0833 0xb348  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:49:31.0834 0xb348  tcpipreg - ok
21:49:31.0838 0xb348  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:49:31.0839 0xb348  TDPIPE - ok
21:49:31.0841 0xb348  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:49:31.0842 0xb348  TDTCP - ok
21:49:31.0846 0xb348  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:49:31.0849 0xb348  tdx - ok
21:49:31.0852 0xb348  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:49:31.0854 0xb348  TermDD - ok
21:49:31.0868 0xb348  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:49:31.0879 0xb348  TermService - ok
21:49:31.0883 0xb348  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:49:31.0885 0xb348  Themes - ok
21:49:31.0889 0xb348  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:49:31.0890 0xb348  THREADORDER - ok
21:49:31.0893 0xb348  [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
21:49:31.0894 0xb348  TPDIGIMN - ok
21:49:31.0897 0xb348  [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
21:49:31.0900 0xb348  TPHDEXLGSVC - ok
21:49:31.0904 0xb348  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
21:49:31.0907 0xb348  TPHKLOAD - ok
21:49:31.0911 0xb348  [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
21:49:31.0913 0xb348  TPHKSVC - ok
21:49:31.0917 0xb348  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:49:31.0918 0xb348  TPM - ok
21:49:31.0921 0xb348  [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
21:49:31.0922 0xb348  TPPWRIF - ok
21:49:31.0926 0xb348  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:49:31.0929 0xb348  TrkWks - ok
21:49:31.0934 0xb348  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:49:31.0937 0xb348  TrustedInstaller - ok
21:49:31.0942 0xb348  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:49:31.0943 0xb348  tssecsrv - ok
21:49:31.0946 0xb348  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:49:31.0948 0xb348  TsUsbFlt - ok
21:49:31.0951 0xb348  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:49:31.0952 0xb348  TsUsbGD - ok
21:49:31.0956 0xb348  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:49:31.0958 0xb348  tunnel - ok
21:49:31.0961 0xb348  [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
21:49:31.0963 0xb348  TVTI2C - ok
21:49:31.0965 0xb348  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\Windows\system32\DRIVERS\tvtvcamd.sys
21:49:31.0967 0xb348  tvtvcamd - ok
21:49:31.0970 0xb348  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:49:31.0972 0xb348  uagp35 - ok
21:49:31.0979 0xb348  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:49:31.0984 0xb348  udfs - ok
21:49:31.0989 0xb348  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:49:31.0991 0xb348  UI0Detect - ok
21:49:31.0995 0xb348  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
21:49:31.0997 0xb348  UleadBurningHelper - ok
21:49:32.0000 0xb348  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:49:32.0002 0xb348  uliagpkx - ok
21:49:32.0005 0xb348  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:49:32.0006 0xb348  umbus - ok
21:49:32.0009 0xb348  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:49:32.0010 0xb348  UmPass - ok
21:49:32.0015 0xb348  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:49:32.0019 0xb348  UmRdpService - ok
21:49:32.0028 0xb348  [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:49:32.0034 0xb348  UNS - ok
21:49:32.0042 0xb348  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:49:32.0049 0xb348  upnphost - ok
21:49:32.0054 0xb348  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:49:32.0056 0xb348  usbaudio - ok
21:49:32.0060 0xb348  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:49:32.0062 0xb348  usbccgp - ok
21:49:32.0066 0xb348  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:49:32.0068 0xb348  usbcir - ok
21:49:32.0071 0xb348  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:49:32.0073 0xb348  usbehci - ok
21:49:32.0081 0xb348  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:49:32.0086 0xb348  usbhub - ok
21:49:32.0089 0xb348  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:49:32.0090 0xb348  usbohci - ok
21:49:32.0093 0xb348  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:49:32.0094 0xb348  usbprint - ok
21:49:32.0098 0xb348  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:49:32.0100 0xb348  USBSTOR - ok
21:49:32.0103 0xb348  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:49:32.0104 0xb348  usbuhci - ok
21:49:32.0109 0xb348  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:49:32.0113 0xb348  usbvideo - ok
21:49:32.0116 0xb348  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:49:32.0118 0xb348  UxSms - ok
21:49:32.0121 0xb348  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
21:49:32.0122 0xb348  VaultSvc - ok
21:49:32.0125 0xb348  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:49:32.0126 0xb348  vdrvroot - ok
21:49:32.0137 0xb348  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:49:32.0146 0xb348  vds - ok
21:49:32.0149 0xb348  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:49:32.0150 0xb348  vga - ok
21:49:32.0153 0xb348  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:49:32.0154 0xb348  VgaSave - ok
21:49:32.0160 0xb348  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:49:32.0164 0xb348  vhdmp - ok
21:49:32.0166 0xb348  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:49:32.0167 0xb348  viaide - ok
21:49:32.0171 0xb348  [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService   C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
21:49:32.0173 0xb348  VIPAppService - ok
21:49:32.0178 0xb348  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:49:32.0182 0xb348  vmbus - ok
21:49:32.0185 0xb348  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:49:32.0186 0xb348  VMBusHID - ok
21:49:32.0190 0xb348  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:49:32.0191 0xb348  volmgr - ok
21:49:32.0199 0xb348  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:49:32.0205 0xb348  volmgrx - ok
21:49:32.0212 0xb348  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:49:32.0217 0xb348  volsnap - ok
21:49:32.0222 0xb348  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:49:32.0225 0xb348  vsmraid - ok
21:49:32.0252 0xb348  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:49:32.0276 0xb348  VSS - ok
21:49:32.0281 0xb348  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:49:32.0282 0xb348  vwifibus - ok
21:49:32.0285 0xb348  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:49:32.0286 0xb348  vwififlt - ok
21:49:32.0289 0xb348  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:49:32.0290 0xb348  vwifimp - ok
21:49:32.0298 0xb348  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:49:32.0304 0xb348  W32Time - ok
21:49:32.0309 0xb348  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:49:32.0310 0xb348  WacomPen - ok
21:49:32.0314 0xb348  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:49:32.0316 0xb348  WANARP - ok
21:49:32.0318 0xb348  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:49:32.0320 0xb348  Wanarpv6 - ok
21:49:32.0341 0xb348  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:49:32.0360 0xb348  WatAdminSvc - ok
21:49:32.0386 0xb348  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:49:32.0408 0xb348  wbengine - ok
21:49:32.0415 0xb348  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:49:32.0419 0xb348  WbioSrvc - ok
21:49:32.0427 0xb348  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:49:32.0434 0xb348  wcncsvc - ok
21:49:32.0437 0xb348  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:49:32.0439 0xb348  WcsPlugInService - ok
21:49:32.0441 0xb348  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:49:32.0442 0xb348  Wd - ok
21:49:32.0457 0xb348  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:49:32.0468 0xb348  Wdf01000 - ok
21:49:32.0473 0xb348  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:49:32.0476 0xb348  WdiServiceHost - ok
21:49:32.0479 0xb348  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:49:32.0481 0xb348  WdiSystemHost - ok
21:49:32.0487 0xb348  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:49:32.0492 0xb348  WebClient - ok
21:49:32.0500 0xb348  [ 507D80C0ACCC3B4FC123BD99D0AF3F97, 09AF6BBAFEA01B0A108C2EFE019F3D8ACA89C2C9D2DEB5F7E83F4E9971BAD338 ] WebUpdate4      C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
21:49:32.0504 0xb348  WebUpdate4 - ok
21:49:32.0510 0xb348  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:49:32.0515 0xb348  Wecsvc - ok
21:49:32.0519 0xb348  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:49:32.0522 0xb348  wercplsupport - ok
21:49:32.0525 0xb348  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:49:32.0528 0xb348  WerSvc - ok
21:49:32.0531 0xb348  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:49:32.0532 0xb348  WfpLwf - ok
21:49:32.0534 0xb348  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:49:32.0535 0xb348  WIMMount - ok
21:49:32.0537 0xb348  WinDefend - ok
21:49:32.0541 0xb348  WinHttpAutoProxySvc - ok
21:49:32.0550 0xb348  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:49:32.0554 0xb348  Winmgmt - ok
21:49:32.0587 0xb348  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:49:32.0617 0xb348  WinRM - ok
21:49:32.0623 0xb348  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:49:32.0624 0xb348  WinUsb - ok
21:49:32.0641 0xb348  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:49:32.0654 0xb348  Wlansvc - ok
21:49:32.0658 0xb348  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:49:32.0660 0xb348  wlcrasvc - ok
21:49:32.0696 0xb348  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:49:32.0729 0xb348  wlidsvc - ok
21:49:32.0734 0xb348  WMCoreService - ok
21:49:32.0737 0xb348  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:49:32.0738 0xb348  WmiAcpi - ok
21:49:32.0745 0xb348  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:49:32.0748 0xb348  wmiApSrv - ok
21:49:32.0752 0xb348  WMPNetworkSvc - ok
21:49:32.0756 0xb348  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:49:32.0757 0xb348  WPCSvc - ok
21:49:32.0762 0xb348  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:49:32.0765 0xb348  WPDBusEnum - ok
21:49:32.0768 0xb348  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:49:32.0769 0xb348  ws2ifsl - ok
21:49:32.0773 0xb348  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:49:32.0776 0xb348  wscsvc - ok
21:49:32.0778 0xb348  WSearch - ok
21:49:32.0819 0xb348  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:49:32.0856 0xb348  wuauserv - ok
21:49:32.0862 0xb348  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:49:32.0864 0xb348  WudfPf - ok
21:49:32.0870 0xb348  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:49:32.0873 0xb348  WUDFRd - ok
21:49:32.0877 0xb348  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:49:32.0880 0xb348  wudfsvc - ok
21:49:32.0886 0xb348  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:49:32.0891 0xb348  WwanSvc - ok
21:49:32.0898 0xb348  [ 747DA6EE261B3760201D7738E0FD59B8, B32F8CB8F112FA1C067AEE1615882C6FAFAB671347A44E37C4B476DF3DC7B430 ] WwanUsbServ     C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
21:49:32.0902 0xb348  WwanUsbServ - ok
21:49:32.0947 0xb348  [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:49:32.0984 0xb348  ZeroConfigService - ok
21:49:32.0993 0xb348  ================ Scan global ===============================
21:49:32.0996 0xb348  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:49:33.0002 0xb348  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:49:33.0010 0xb348  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:49:33.0016 0xb348  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:49:33.0024 0xb348  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:49:33.0029 0xb348  [ Global ] - ok
21:49:33.0030 0xb348  ================ Scan MBR ==================================
21:49:33.0031 0xb348  [ 705D35B546D81DCED3CD1F931CCB07ED ] \Device\Harddisk0\DR0
21:49:33.0108 0xb348  \Device\Harddisk0\DR0 - ok
21:49:33.0110 0xb348  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
21:49:33.0115 0xb348  \Device\Harddisk1\DR2 - ok
21:49:33.0116 0xb348  ================ Scan VBR ==================================
21:49:33.0117 0xb348  [ B5B43437C04F6EEF589300D433D64A87 ] \Device\Harddisk0\DR0\Partition1
21:49:33.0118 0xb348  \Device\Harddisk0\DR0\Partition1 - ok
21:49:33.0119 0xb348  [ DD96E4E79F20B2BADBE7FD27252456D5 ] \Device\Harddisk0\DR0\Partition2
21:49:33.0120 0xb348  \Device\Harddisk0\DR0\Partition2 - ok
21:49:33.0121 0xb348  [ 19191C7AA2D63FA6431A219C069E77B0 ] \Device\Harddisk0\DR0\Partition3
21:49:33.0122 0xb348  \Device\Harddisk0\DR0\Partition3 - ok
21:49:33.0124 0xb348  [ F1192BD8A99063C5E8D01E8850DEF1EA ] \Device\Harddisk1\DR2\Partition1
21:49:33.0169 0xb348  \Device\Harddisk1\DR2\Partition1 - ok
21:49:33.0170 0xb348  ================ Scan generic autorun ======================
21:49:33.0170 0xb348  SynTPEnh - ok
21:49:33.0190 0xb348  [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe
21:49:33.0204 0xb348  TpShocks - ok
21:49:33.0213 0xb348  [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
21:49:33.0219 0xb348  LENOVO.TPKNRRES - ok
21:49:33.0224 0xb348  [ 3D0AA1C5F67BAC9ED036FB6C815562C6, 6563601CAFA7BC11DD6FD666195C0DA58E646D685C6F5063081086C96F8A9F43 ] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
21:49:33.0226 0xb348  AcWin7Hlpr - ok
21:49:33.0236 0xb348  [ A56AC97C6C72141B334763CD3C77C76F, 57BB0DAC3463A0CEAB74052EC04EA1B6F3F757DFBCA00143C34360EC6BC69A06 ] C:\Program Files\Greenshot\Greenshot.exe
21:49:33.0243 0xb348  Greenshot - ok
21:49:33.0248 0xb348  [ 2C8518B622C6429480507F24C21B6223, BA2FF253A3F6C53F4C24903DF406FFB37121792A49E29A5A58E753E62321C312 ] C:\Windows\system32\igfxtray.exe
21:49:33.0252 0xb348  IgfxTray - ok
21:49:33.0259 0xb348  [ 2700358647B5F0253756BF41564586E1, 859ECC17AAADCDAB6ED96FEC372522B69C44C50B7781F29B2B0EAAF13FD0C803 ] C:\Windows\system32\hkcmd.exe
21:49:33.0266 0xb348  HotKeysCmds - ok
21:49:33.0274 0xb348  [ 8D42A43CE49736478BF6FCE9DD3383CB, 7D1A7D4CAF468815BD8BFD324E60956F8A7B12E9714A0064742F403474C03E44 ] C:\Windows\system32\igfxpers.exe

fatalerror · 22.03.2015, 12:55

Code:

ATTFilter

21:49:33.0281 0xb348  Persistence - ok
21:49:33.0499 0xb348  [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:49:33.0681 0xb348  RTHDVCPL - ok
21:49:33.0713 0xb348  [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:49:33.0730 0xb348  RtHDVBg_Dolby - ok
21:49:33.0770 0xb348  [ C08AF3D7162084119A3089D40240E592, B68F51E176A1193496108E60999C96656A166B7868A6C403B329AA2DBA3EAFD2 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:49:33.0803 0xb348  NvBackend - ok
21:49:33.0807 0xb348  [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
21:49:33.0809 0xb348  RotateImage - ok
21:49:33.0815 0xb348  [ 6BA8D86746935498D64CB5CF6286F2EB, E47D1DEE39451428344233DB15412BCB486C4F6FE1D0426F20AA4C6245387926 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:49:33.0819 0xb348  USB3MON - ok
21:49:33.0823 0xb348  [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:49:33.0826 0xb348  IMSS - ok
21:49:33.0827 0xb348  PWMTRV - ok
21:49:33.0843 0xb348  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:49:33.0856 0xb348  Adobe ARM - ok
21:49:33.0861 0xb348  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
21:49:33.0864 0xb348  Intel AppUp(SM) center - ok
21:49:33.0931 0xb348  [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
21:49:33.0990 0xb348  Lenovo Registration - ok
21:49:34.0009 0xb348  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:49:34.0018 0xb348  avgnt - ok
21:49:34.0022 0xb348  [ 0360ACCC97132C5051189C9D9370309E, 113CE9B2B7FE1E0C6A0937E05E157BC98C7142F01E1D1EAA2A905A8D6B8E967D ] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
21:49:34.0025 0xb348  MobileAccess - ok
21:49:34.0035 0xb348  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
21:49:34.0042 0xb348  Dolby Home Theater v4 - ok
21:49:34.0063 0xb348  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:49:34.0093 0xb348  Sidebar - ok
21:49:34.0098 0xb348  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:49:34.0100 0xb348  mctadmin - ok
21:49:34.0120 0xb348  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:49:34.0134 0xb348  Sidebar - ok
21:49:34.0138 0xb348  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:49:34.0139 0xb348  mctadmin - ok
21:49:34.0142 0xb348  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:49:34.0143 0xb348  swg - ok
21:49:34.0162 0xb348  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:49:34.0176 0xb348  Sidebar - ok
21:49:34.0179 0xb348  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:49:34.0180 0xb348  swg - ok
21:49:34.0183 0xb348  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:49:34.0185 0xb348  mctadmin - ok
21:49:34.0185 0xb348  Lenovo.ShowBand - ok
21:49:34.0186 0xb348  Waiting for KSN requests completion. In queue: 511
21:49:35.0186 0xb348  Waiting for KSN requests completion. In queue: 511
21:49:36.0186 0xb348  Waiting for KSN requests completion. In queue: 511
21:49:37.0186 0xb348  Waiting for KSN requests completion. In queue: 483
21:49:38.0186 0xb348  Waiting for KSN requests completion. In queue: 366
21:49:39.0186 0xb348  Waiting for KSN requests completion. In queue: 284
21:49:40.0186 0xb348  Waiting for KSN requests completion. In queue: 257
21:49:41.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:42.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:43.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:44.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:45.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:46.0187 0xb348  Waiting for KSN requests completion. In queue: 226
21:49:47.0187 0xb348  Waiting for KSN requests completion. In queue: 199
21:49:48.0187 0xb348  Waiting for KSN requests completion. In queue: 90
21:49:49.0281 0xb348  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41000 ( enabled : updated )
21:49:49.0306 0xb348  Win FW state via NFP2: enabled
21:49:59.0126 0xb348  ============================================================
21:49:59.0126 0xb348  Scan finished
21:49:59.0126 0xb348  ============================================================
21:49:59.0140 0xb288  Detected object count: 0
21:49:59.0140 0xb288  Actual detected object count: 0
21:51:47.0676 0xb390  ============================================================
21:51:47.0677 0xb390  Scan started
21:51:47.0677 0xb390  Mode: Manual; SigCheck; TDLFS; 
21:51:47.0677 0xb390  ============================================================
21:51:47.0677 0xb390  KSN ping started
21:51:57.0575 0xb390  KSN ping finished: true
21:51:57.0830 0xb390  ================ Scan system memory ========================
21:51:57.0830 0xb390  System memory - ok
21:51:57.0831 0xb390  ================ Scan services =============================
21:51:57.0865 0xb390  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:51:57.0898 0xb390  1394ohci - ok
21:51:57.0904 0xb390  [ 1F305C858E7B5E537C9B783D46243A7A, 0DA7B31949C48FB42DBF61EC71ACCFD1CEB3B6135DC3FA0FEC4A9DE25A1405BA ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys
21:51:57.0917 0xb390  5U877 - ok
21:51:57.0925 0xb390  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:51:57.0937 0xb390  ACPI - ok
21:51:57.0940 0xb390  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:51:57.0956 0xb390  AcpiPmi - ok
21:51:57.0964 0xb390  [ 2540FC407E5CCBEEB981755A3B6AFF58, 352520A8E601DEEE45928918216D86775C33E21144F09B807C3E459434062088 ] AcPrfMgrSvc     C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
21:51:57.0973 0xb390  AcPrfMgrSvc - ok
21:51:57.0979 0xb390  [ 5463D786E083B8D50CF44FFF0926CECA, DC9F9D1618B9E604B3AA8685A929B36CEE7847238D4D64B2E0A1B0E4FDC0F3A2 ] AcSvc           C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
21:51:57.0988 0xb390  AcSvc - ok
21:51:57.0992 0xb390  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:57.0998 0xb390  AdobeARMservice - ok
21:51:58.0008 0xb390  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:51:58.0022 0xb390  adp94xx - ok
21:51:58.0029 0xb390  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:51:58.0041 0xb390  adpahci - ok
21:51:58.0046 0xb390  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:51:58.0055 0xb390  adpu320 - ok
21:51:58.0060 0xb390  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:51:58.0106 0xb390  AeLookupSvc - ok
21:51:58.0116 0xb390  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:51:58.0132 0xb390  AFD - ok
21:51:58.0136 0xb390  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:51:58.0143 0xb390  agp440 - ok
21:51:58.0146 0xb390  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:51:58.0158 0xb390  ALG - ok
21:51:58.0160 0xb390  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:51:58.0167 0xb390  aliide - ok
21:51:58.0169 0xb390  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:51:58.0176 0xb390  amdide - ok
21:51:58.0179 0xb390  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:51:58.0189 0xb390  AmdK8 - ok
21:51:58.0192 0xb390  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:51:58.0201 0xb390  AmdPPM - ok
21:51:58.0205 0xb390  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:51:58.0214 0xb390  amdsata - ok
21:51:58.0219 0xb390  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:51:58.0228 0xb390  amdsbs - ok
21:51:58.0233 0xb390  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:51:58.0239 0xb390  amdxata - ok
21:51:58.0252 0xb390  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:51:58.0264 0xb390  AntiVirSchedulerService - ok
21:51:58.0273 0xb390  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:51:58.0284 0xb390  AntiVirService - ok
21:51:58.0288 0xb390  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
21:51:58.0298 0xb390  AppID - ok
21:51:58.0301 0xb390  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:51:58.0309 0xb390  AppIDSvc - ok
21:51:58.0313 0xb390  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:51:58.0323 0xb390  Appinfo - ok
21:51:58.0329 0xb390  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:51:58.0339 0xb390  AppMgmt - ok
21:51:58.0343 0xb390  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:51:58.0351 0xb390  arc - ok
21:51:58.0355 0xb390  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:51:58.0362 0xb390  arcsas - ok
21:51:58.0373 0xb390  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:51:58.0382 0xb390  aspnet_state - ok
21:51:58.0386 0xb390  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:58.0408 0xb390  AsyncMac - ok
21:51:58.0411 0xb390  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:51:58.0418 0xb390  atapi - ok
21:51:58.0431 0xb390  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:51:58.0449 0xb390  AudioEndpointBuilder - ok
21:51:58.0461 0xb390  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:51:58.0479 0xb390  AudioSrv - ok
21:51:58.0484 0xb390  [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:58.0509 0xb390  avgntflt - ok
21:51:58.0514 0xb390  [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:51:58.0522 0xb390  avipbb - ok
21:51:58.0525 0xb390  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:51:58.0532 0xb390  avkmgr - ok
21:51:58.0537 0xb390  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:51:58.0556 0xb390  AxInstSV - ok
21:51:58.0566 0xb390  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:51:58.0582 0xb390  b06bdrv - ok
21:51:58.0590 0xb390  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:58.0603 0xb390  b57nd60a - ok
21:51:58.0610 0xb390  [ F01759FA97126CC69DFA85CEDA0717A1, 5B23B61562349D13311B7FCF783BDC9439698DACA5724B83B3568121497C7FC8 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
21:51:58.0618 0xb390  bcbtums - ok
21:51:58.0622 0xb390  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:51:58.0633 0xb390  BDESVC - ok
21:51:58.0635 0xb390  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:51:58.0658 0xb390  Beep - ok
21:51:58.0672 0xb390  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:51:58.0691 0xb390  BFE - ok
21:51:58.0708 0xb390  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:51:58.0767 0xb390  BITS - ok
21:51:58.0771 0xb390  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:51:58.0779 0xb390  blbdrive - ok
21:51:58.0784 0xb390  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:51:58.0793 0xb390  bowser - ok
21:51:58.0796 0xb390  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:51:58.0806 0xb390  BrFiltLo - ok
21:51:58.0809 0xb390  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:51:58.0819 0xb390  BrFiltUp - ok
21:51:58.0824 0xb390  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:51:58.0835 0xb390  Browser - ok
21:51:58.0842 0xb390  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:51:58.0856 0xb390  Brserid - ok
21:51:58.0859 0xb390  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:58.0869 0xb390  BrSerWdm - ok
21:51:58.0872 0xb390  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:58.0881 0xb390  BrUsbMdm - ok
21:51:58.0883 0xb390  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:51:58.0892 0xb390  BrUsbSer - ok
21:51:58.0895 0xb390  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:51:58.0904 0xb390  BthEnum - ok
21:51:58.0908 0xb390  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:51:58.0918 0xb390  BTHMODEM - ok
21:51:58.0923 0xb390  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:51:58.0933 0xb390  BthPan - ok
21:51:58.0943 0xb390  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:51:58.0959 0xb390  BTHPORT - ok
21:51:58.0964 0xb390  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:51:58.0986 0xb390  bthserv - ok
21:51:58.0990 0xb390  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:51:58.0999 0xb390  BTHUSB - ok
21:51:59.0010 0xb390  [ 3AFF6DC496B8A8D12C867E3FC7C86FAC, 72541F7F9AF6278B8F19F2DBCCADC4FF47171866E04FB5A1010D9AFDF69F7D11 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
21:51:59.0024 0xb390  btwampfl - ok
21:51:59.0029 0xb390  [ 336BBA0909B3636AB7D06A71D7B1C0DC, 3BC7593272101C340681A9909F9215580F8942DA54E9B251E3AC35B8D39D9B89 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
21:51:59.0037 0xb390  btwaudio - ok
21:51:59.0043 0xb390  [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
21:51:59.0051 0xb390  btwavdt - ok
21:51:59.0069 0xb390  [ 26A80D7ACA49E03A403806418B5FED46, 52539FC9F5796002FD66393C759393717E3E242392B2E9039AD12B6D973B78BD ] btwdins         C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
21:51:59.0088 0xb390  btwdins - ok
21:51:59.0093 0xb390  [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
21:51:59.0099 0xb390  btwl2cap - ok
21:51:59.0103 0xb390  [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
21:51:59.0108 0xb390  btwrchid - ok
21:51:59.0112 0xb390  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:51:59.0135 0xb390  cdfs - ok
21:51:59.0139 0xb390  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:51:59.0151 0xb390  cdrom - ok
21:51:59.0154 0xb390  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:51:59.0176 0xb390  CertPropSvc - ok
21:51:59.0180 0xb390  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:51:59.0189 0xb390  circlass - ok
21:51:59.0197 0xb390  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:51:59.0209 0xb390  CLFS - ok
21:51:59.0214 0xb390  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:59.0222 0xb390  clr_optimization_v2.0.50727_32 - ok
21:51:59.0227 0xb390  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:51:59.0234 0xb390  clr_optimization_v2.0.50727_64 - ok
21:51:59.0243 0xb390  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:51:59.0252 0xb390  clr_optimization_v4.0.30319_32 - ok
21:51:59.0256 0xb390  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:51:59.0265 0xb390  clr_optimization_v4.0.30319_64 - ok
21:51:59.0268 0xb390  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:51:59.0276 0xb390  CmBatt - ok
21:51:59.0279 0xb390  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:51:59.0285 0xb390  cmdide - ok
21:51:59.0295 0xb390  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
21:51:59.0312 0xb390  CNG - ok
21:51:59.0315 0xb390  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:51:59.0321 0xb390  Compbatt - ok
21:51:59.0324 0xb390  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:51:59.0334 0xb390  CompositeBus - ok
21:51:59.0336 0xb390  COMSysApp - ok
21:51:59.0359 0xb390  [ EB726E02074FDC44EBE97E01A2660AA6, D4C64BF00D71BB7A3DB429EF8B648056067A3FE857F72DD9CE4944A1359BE05D ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:51:59.0369 0xb390  cphs - ok
21:51:59.0372 0xb390  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:51:59.0378 0xb390  crcdisk - ok
21:51:59.0385 0xb390  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:51:59.0396 0xb390  CryptSvc - ok
21:51:59.0407 0xb390  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:51:59.0422 0xb390  CSC - ok
21:51:59.0437 0xb390  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:51:59.0456 0xb390  CscService - ok
21:51:59.0467 0xb390  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:51:59.0496 0xb390  DcomLaunch - ok
21:51:59.0503 0xb390  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:51:59.0528 0xb390  defragsvc - ok
21:51:59.0533 0xb390  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:51:59.0566 0xb390  DfsC - ok
21:51:59.0573 0xb390  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:51:59.0592 0xb390  Dhcp - ok
21:51:59.0597 0xb390  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:51:59.0619 0xb390  discache - ok
21:51:59.0622 0xb390  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:51:59.0629 0xb390  Disk - ok
21:51:59.0633 0xb390  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:51:59.0642 0xb390  dmvsc - ok
21:51:59.0647 0xb390  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:51:59.0658 0xb390  Dnscache - ok
21:51:59.0665 0xb390  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:51:59.0690 0xb390  dot3svc - ok
21:51:59.0699 0xb390  [ 9597BCB69286FF017DB1A0FB8144408D, B477E4E7C3B49A77075B3165079E29FF1908C81E2BCCB930B47DCCF7DA5C417C ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
21:51:59.0709 0xb390  DozeSvc - ok
21:51:59.0714 0xb390  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:51:59.0737 0xb390  DPS - ok
21:51:59.0741 0xb390  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:51:59.0750 0xb390  drmkaud - ok
21:51:59.0767 0xb390  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:51:59.0789 0xb390  DXGKrnl - ok
21:51:59.0798 0xb390  [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys
21:51:59.0804 0xb390  DzHDD64 - ok
21:51:59.0812 0xb390  [ 03F4C5C12FC1C69F838DA723475EF650, 7D80623ED1060F904AF85B87620DF8DC153504FABC0E447C1D3A07D0372D7B9F ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:51:59.0823 0xb390  e1cexpress - ok
21:51:59.0827 0xb390  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:51:59.0849 0xb390  EapHost - ok
21:51:59.0903 0xb390  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:51:59.0960 0xb390  ebdrv - ok
21:51:59.0967 0xb390  [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis       C:\Windows\system32\Drivers\wwuss64.sys
21:51:59.0973 0xb390  ecnssndis - ok
21:51:59.0976 0xb390  [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr   C:\Windows\system32\Drivers\wwussf64.sys
21:51:59.0982 0xb390  ecnssndisfltr - ok
21:51:59.0985 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
21:51:59.0994 0xb390  EFS - ok
21:52:00.0008 0xb390  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:52:00.0028 0xb390  ehRecvr - ok
21:52:00.0032 0xb390  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:52:00.0044 0xb390  ehSched - ok
21:52:00.0054 0xb390  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:52:00.0068 0xb390  elxstor - ok
21:52:00.0072 0xb390  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:52:00.0079 0xb390  ErrDev - ok
21:52:00.0092 0xb390  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:52:00.0120 0xb390  EventSystem - ok
21:52:00.0135 0xb390  [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:52:00.0149 0xb390  EvtEng - ok
21:52:00.0155 0xb390  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:52:00.0180 0xb390  exfat - ok
21:52:00.0186 0xb390  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:52:00.0212 0xb390  fastfat - ok
21:52:00.0225 0xb390  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:52:00.0243 0xb390  Fax - ok
21:52:00.0246 0xb390  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:52:00.0255 0xb390  fdc - ok
21:52:00.0257 0xb390  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:52:00.0279 0xb390  fdPHost - ok
21:52:00.0282 0xb390  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:52:00.0304 0xb390  FDResPub - ok
21:52:00.0307 0xb390  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:52:00.0314 0xb390  FileInfo - ok
21:52:00.0318 0xb390  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:52:00.0340 0xb390  Filetrace - ok
21:52:00.0344 0xb390  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:52:00.0351 0xb390  flpydisk - ok
21:52:00.0358 0xb390  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:52:00.0368 0xb390  FltMgr - ok
21:52:00.0389 0xb390  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:52:00.0415 0xb390  FontCache - ok
21:52:00.0420 0xb390  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:52:00.0426 0xb390  FontCache3.0.0.0 - ok
21:52:00.0429 0xb390  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:52:00.0436 0xb390  FsDepends - ok
21:52:00.0439 0xb390  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:52:00.0446 0xb390  Fs_Rec - ok
21:52:00.0452 0xb390  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:52:00.0463 0xb390  fvevol - ok
21:52:00.0467 0xb390  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:52:00.0474 0xb390  gagp30kx - ok
21:52:00.0489 0xb390  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:52:00.0521 0xb390  gpsvc - ok
21:52:00.0526 0xb390  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:00.0533 0xb390  gupdate - ok
21:52:00.0538 0xb390  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:00.0544 0xb390  gupdatem - ok
21:52:00.0550 0xb390  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:52:00.0557 0xb390  gusvc - ok
21:52:00.0562 0xb390  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:52:00.0570 0xb390  hcw85cir - ok
21:52:00.0578 0xb390  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:52:00.0593 0xb390  HdAudAddService - ok
21:52:00.0598 0xb390  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:52:00.0608 0xb390  HDAudBus - ok
21:52:00.0612 0xb390  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:52:00.0619 0xb390  HidBatt - ok
21:52:00.0623 0xb390  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:52:00.0634 0xb390  HidBth - ok
21:52:00.0637 0xb390  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:52:00.0647 0xb390  HidIr - ok
21:52:00.0650 0xb390  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:52:00.0672 0xb390  hidserv - ok
21:52:00.0677 0xb390  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:52:00.0688 0xb390  HidUsb - ok
21:52:00.0692 0xb390  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:52:00.0721 0xb390  hkmsvc - ok
21:52:00.0729 0xb390  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:52:00.0745 0xb390  HomeGroupListener - ok
21:52:00.0752 0xb390  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:52:00.0767 0xb390  HomeGroupProvider - ok
21:52:00.0772 0xb390  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:52:00.0783 0xb390  HpSAMD - ok
21:52:00.0800 0xb390  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:52:00.0841 0xb390  HTTP - ok
21:52:00.0845 0xb390  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:52:00.0853 0xb390  hwpolicy - ok
21:52:00.0858 0xb390  [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
21:52:00.0867 0xb390  HyperW7Svc - ok
21:52:00.0872 0xb390  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:52:00.0883 0xb390  i8042prt - ok
21:52:00.0896 0xb390  [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
21:52:00.0911 0xb390  iaStor - ok
21:52:00.0924 0xb390  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:52:00.0939 0xb390  iaStorV - ok
21:52:00.0943 0xb390  [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:52:00.0952 0xb390  IBMPMDRV - ok
21:52:00.0956 0xb390  [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
21:52:00.0964 0xb390  IBMPMSVC - ok
21:52:00.0981 0xb390  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:52:01.0001 0xb390  idsvc - ok
21:52:01.0004 0xb390  IEEtwCollectorService - ok
21:52:01.0139 0xb390  [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:52:01.0284 0xb390  igfx - ok
21:52:01.0296 0xb390  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:52:01.0302 0xb390  iirsp - ok
21:52:01.0318 0xb390  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:52:01.0339 0xb390  IKEEXT - ok
21:52:01.0344 0xb390  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:52:01.0351 0xb390  intaud_WaveExtensible - ok
21:52:01.0410 0xb390  [ 0CDE7928C4B99C25AAED3B4E84E78168, 5B5444574551D2637A3827F26D248573AECE1B12DFA175C13B10B2A777AD2513 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:52:01.0471 0xb390  IntcAzAudAddService - ok
21:52:01.0483 0xb390  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:52:01.0496 0xb390  IntcDAud - ok
21:52:01.0508 0xb390  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:52:01.0523 0xb390  Intel(R) Capability Licensing Service Interface - ok
21:52:01.0527 0xb390  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:52:01.0533 0xb390  intelide - ok
21:52:01.0537 0xb390  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:52:01.0545 0xb390  intelppm - ok
21:52:01.0550 0xb390  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:52:01.0574 0xb390  IPBusEnum - ok
21:52:01.0578 0xb390  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:52:01.0601 0xb390  IpFilterDriver - ok
21:52:01.0612 0xb390  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:52:01.0629 0xb390  iphlpsvc - ok
21:52:01.0633 0xb390  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:52:01.0641 0xb390  IPMIDRV - ok
21:52:01.0645 0xb390  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:52:01.0668 0xb390  IPNAT - ok
21:52:01.0671 0xb390  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:52:01.0682 0xb390  IRENUM - ok
21:52:01.0685 0xb390  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:52:01.0692 0xb390  isapnp - ok
21:52:01.0699 0xb390  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:52:01.0710 0xb390  iScsiPrt - ok
21:52:01.0714 0xb390  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:52:01.0720 0xb390  iusb3hcs - ok
21:52:01.0728 0xb390  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:52:01.0738 0xb390  iusb3hub - ok
21:52:01.0753 0xb390  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:52:01.0770 0xb390  iusb3xhc - ok
21:52:01.0775 0xb390  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
21:52:01.0780 0xb390  iwdbus - ok
21:52:01.0788 0xb390  [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:52:01.0796 0xb390  jhi_service - ok
21:52:01.0799 0xb390  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:52:01.0807 0xb390  kbdclass - ok
21:52:01.0809 0xb390  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:52:01.0818 0xb390  kbdhid - ok
21:52:01.0820 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
21:52:01.0828 0xb390  KeyIso - ok
21:52:01.0832 0xb390  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:52:01.0840 0xb390  KSecDD - ok
21:52:01.0845 0xb390  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:52:01.0854 0xb390  KSecPkg - ok
21:52:01.0858 0xb390  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:52:01.0881 0xb390  ksthunk - ok
21:52:01.0888 0xb390  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:52:01.0916 0xb390  KtmRm - ok
21:52:01.0920 0xb390  [ 3BE0319D6F9D5A0C4DDD037E0E19FFD4, 587F5FF690A40DD5F3F59CF8FA8FC8691846633462EB8220367F5193F5401CBE ] l36wgps         C:\Windows\system32\DRIVERS\l36wgps64.sys
21:52:01.0927 0xb390  l36wgps - ok
21:52:01.0933 0xb390  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:52:01.0959 0xb390  LanmanServer - ok
21:52:01.0963 0xb390  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:52:01.0986 0xb390  LanmanWorkstation - ok
21:52:01.0990 0xb390  [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:52:01.0997 0xb390  LENOVO.CAMMUTE - ok
21:52:02.0001 0xb390  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:52:02.0007 0xb390  LENOVO.MICMUTE - ok
21:52:02.0011 0xb390  [ 93921A19D885755B9751C3744DBCB8FD, A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:52:02.0017 0xb390  LENOVO.TPKNRSVC - ok
21:52:02.0021 0xb390  [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM  C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
21:52:02.0029 0xb390  LENOVO.TVTVCAM - ok
21:52:02.0033 0xb390  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:52:02.0039 0xb390  Lenovo.VIRTSCRLSVC - ok
21:52:02.0042 0xb390  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:52:02.0064 0xb390  lltdio - ok
21:52:02.0071 0xb390  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:52:02.0096 0xb390  lltdsvc - ok
21:52:02.0099 0xb390  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:52:02.0120 0xb390  lmhosts - ok
21:52:02.0126 0xb390  [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:52:02.0135 0xb390  LMS - ok
21:52:02.0143 0xb390  [ 25F003B378E831514587DC6155781227, 7E68BED3721B9B917DDF215E572EEC4D1B30805CB8C274222450F65AA6B9D945 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
21:52:02.0153 0xb390  LSCWinService - ok
21:52:02.0157 0xb390  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:52:02.0165 0xb390  LSI_FC - ok
21:52:02.0169 0xb390  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:52:02.0177 0xb390  LSI_SAS - ok
21:52:02.0180 0xb390  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:52:02.0187 0xb390  LSI_SAS2 - ok
21:52:02.0191 0xb390  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:52:02.0200 0xb390  LSI_SCSI - ok
21:52:02.0204 0xb390  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:52:02.0227 0xb390  luafv - ok
21:52:02.0230 0xb390  [ FD998B716E1EBFE1174098FB9AA08635, FE010E7E3E583C3F3EC8D602B43C98CB91D047ED87E82B8D472E9C7391938E82 ] MacheenService  C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
21:52:02.0236 0xb390  MacheenService - ok
21:52:02.0239 0xb390  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:52:02.0245 0xb390  MBAMProtector - ok
21:52:02.0277 0xb390  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:52:02.0310 0xb390  MBAMScheduler - ok
21:52:02.0330 0xb390  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:52:02.0350 0xb390  MBAMService - ok
21:52:02.0355 0xb390  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:52:02.0362 0xb390  MBAMSwissArmy - ok
21:52:02.0366 0xb390  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:52:02.0373 0xb390  MBAMWebAccessControl - ok
21:52:02.0382 0xb390  [ 62732AF9512B911C330ACBBDBCC2F284, CBF2D4D21F96465FD693E2F3052675D1D7F23BE86098D08EF22E52D94E8C95E4 ] Mbm3CBus        C:\Windows\system32\DRIVERS\Mbm3CBus.sys
21:52:02.0393 0xb390  Mbm3CBus - ok
21:52:02.0402 0xb390  [ BDC2D259CA9CFCED092B3B0B8557322D, A2C50A5BAE7B3AB0C1D8057FD15DFAB3F8B653A8A8B78572926B9CCEE032A8EA ] Mbm3DevMt       C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
21:52:02.0413 0xb390  Mbm3DevMt - ok
21:52:02.0416 0xb390  [ E55689A5E9349182C24312EFC9DF09FB, 6FD98B61C764215402625412E9E3F214020257C09F25C3B21C70AA46EC39019D ] Mbm3mdfl        C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
21:52:02.0422 0xb390  Mbm3mdfl - ok
21:52:02.0431 0xb390  [ FC1059C857D7B1083086BE04DB5EE09C, BF55702BBB6A0152F63A30E0897C42ED3F51CC1AD78C49F3589D423591C031E8 ] Mbm3Mdm         C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
21:52:02.0444 0xb390  Mbm3Mdm - ok
21:52:02.0449 0xb390  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:52:02.0458 0xb390  Mcx2Svc - ok
21:52:02.0462 0xb390  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:52:02.0469 0xb390  megasas - ok
21:52:02.0476 0xb390  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:52:02.0486 0xb390  MegaSR - ok
21:52:02.0490 0xb390  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:52:02.0496 0xb390  MEIx64 - ok
21:52:02.0499 0xb390  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:52:02.0522 0xb390  MMCSS - ok
21:52:02.0525 0xb390  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:52:02.0546 0xb390  Modem - ok
21:52:02.0549 0xb390  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:52:02.0559 0xb390  monitor - ok
21:52:02.0563 0xb390  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:52:02.0570 0xb390  mouclass - ok
21:52:02.0574 0xb390  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:52:02.0582 0xb390  mouhid - ok
21:52:02.0589 0xb390  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:52:02.0597 0xb390  mountmgr - ok
21:52:02.0602 0xb390  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:52:02.0611 0xb390  mpio - ok
21:52:02.0615 0xb390  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:52:02.0637 0xb390  mpsdrv - ok
21:52:02.0652 0xb390  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:52:02.0684 0xb390  MpsSvc - ok
21:52:02.0690 0xb390  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:52:02.0699 0xb390  MRxDAV - ok
21:52:02.0705 0xb390  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:52:02.0715 0xb390  mrxsmb - ok
21:52:02.0722 0xb390  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:52:02.0733 0xb390  mrxsmb10 - ok
21:52:02.0737 0xb390  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:52:02.0746 0xb390  mrxsmb20 - ok
21:52:02.0749 0xb390  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:52:02.0756 0xb390  msahci - ok
21:52:02.0761 0xb390  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:52:02.0769 0xb390  msdsm - ok
21:52:02.0774 0xb390  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:52:02.0786 0xb390  MSDTC - ok
21:52:02.0790 0xb390  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:52:02.0812 0xb390  Msfs - ok
21:52:02.0814 0xb390  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:52:02.0835 0xb390  mshidkmdf - ok
21:52:02.0838 0xb390  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:52:02.0845 0xb390  msisadrv - ok
21:52:02.0849 0xb390  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:52:02.0873 0xb390  MSiSCSI - ok
21:52:02.0875 0xb390  msiserver - ok
21:52:02.0878 0xb390  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:52:02.0898 0xb390  MSKSSRV - ok
21:52:02.0901 0xb390  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:52:02.0924 0xb390  MSPCLOCK - ok
21:52:02.0926 0xb390  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:52:02.0948 0xb390  MSPQM - ok
21:52:02.0955 0xb390  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:52:02.0967 0xb390  MsRPC - ok
21:52:02.0971 0xb390  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:52:02.0978 0xb390  mssmbios - ok
21:52:02.0982 0xb390  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:52:03.0005 0xb390  MSTEE - ok
21:52:03.0009 0xb390  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:52:03.0019 0xb390  MTConfig - ok
21:52:03.0022 0xb390  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:52:03.0029 0xb390  Mup - ok
21:52:03.0036 0xb390  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:52:03.0046 0xb390  MyWiFiDHCPDNS - ok
21:52:03.0057 0xb390  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:52:03.0085 0xb390  napagent - ok
21:52:03.0093 0xb390  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:52:03.0109 0xb390  NativeWifiP - ok
21:52:03.0129 0xb390  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:52:03.0149 0xb390  NDIS - ok
21:52:03.0154 0xb390  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:52:03.0176 0xb390  NdisCap - ok
21:52:03.0179 0xb390  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:52:03.0205 0xb390  NdisTapi - ok
21:52:03.0208 0xb390  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:52:03.0231 0xb390  Ndisuio - ok
21:52:03.0237 0xb390  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:52:03.0261 0xb390  NdisWan - ok
21:52:03.0265 0xb390  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:52:03.0287 0xb390  NDProxy - ok
21:52:03.0290 0xb390  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:52:03.0313 0xb390  NetBIOS - ok
21:52:03.0320 0xb390  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:52:03.0345 0xb390  NetBT - ok
21:52:03.0348 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
21:52:03.0357 0xb390  Netlogon - ok
21:52:03.0365 0xb390  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:52:03.0393 0xb390  Netman - ok
21:52:03.0403 0xb390  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:52:03.0413 0xb390  NetMsmqActivator - ok
21:52:03.0417 0xb390  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:52:03.0426 0xb390  NetPipeActivator - ok
21:52:03.0436 0xb390  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:52:03.0467 0xb390  netprofm - ok
21:52:03.0471 0xb390  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:52:03.0482 0xb390  NetTcpActivator - ok
21:52:03.0486 0xb390  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:52:03.0497 0xb390  NetTcpPortSharing - ok
21:52:03.0675 0xb390  [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:52:03.0858 0xb390  NETwNs64 - ok
21:52:03.0875 0xb390  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:52:03.0882 0xb390  nfrd960 - ok
21:52:03.0888 0xb390  [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
21:52:03.0898 0xb390  NitroDriverReadSpool2 - ok
21:52:03.0906 0xb390  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:52:03.0920 0xb390  NlaSvc - ok
21:52:03.0923 0xb390  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:52:03.0945 0xb390  Npfs - ok
21:52:03.0948 0xb390  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:52:03.0970 0xb390  nsi - ok
21:52:03.0973 0xb390  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:52:03.0996 0xb390  nsiproxy - ok
21:52:04.0025 0xb390  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:52:04.0057 0xb390  Ntfs - ok
21:52:04.0061 0xb390  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:52:04.0084 0xb390  Null - ok
21:52:04.0284 0xb390  [ 23FDD36706F27B9BAECE11E6C1804F00, 999F7C22C1FF24B17BF4767FA701863F3F9D7483AA200A7DE709DE272DA45DC0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:52:04.0488 0xb390  nvlddmkm - ok
21:52:04.0535 0xb390  [ E024300408694566DDF65AB5E004F880, EE3B7863F993952308BFD8E4BB39F4D107BC94C0B97ED2A5BAAB8F4C9A6A67D0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:52:04.0568 0xb390  NvNetworkService - ok
21:52:04.0574 0xb390  [ 98B1C3093E7012691882111DB7978103, 94396175E50ADF087FE06167B9AF676ADB7C6629D5A8736EA7BC4AAD4F88AB47 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
21:52:04.0582 0xb390  nvpciflt - ok
21:52:04.0588 0xb390  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:52:04.0597 0xb390  nvraid - ok
21:52:04.0603 0xb390  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:52:04.0611 0xb390  nvstor - ok
21:52:04.0628 0xb390  [ D80BAD4DF433124BAAF4ED975723B387, 915DD9AF4A87B6C823DA8992BAAED0E06210E712CE8E7F940D2E8B8D345A6113 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:52:04.0648 0xb390  nvsvc - ok
21:52:04.0654 0xb390  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:52:04.0662 0xb390  nv_agp - ok
21:52:04.0665 0xb390  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:52:04.0674 0xb390  ohci1394 - ok
21:52:04.0682 0xb390  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:52:04.0696 0xb390  p2pimsvc - ok
21:52:04.0705 0xb390  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:52:04.0720 0xb390  p2psvc - ok
21:52:04.0724 0xb390  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:52:04.0734 0xb390  Parport - ok
21:52:04.0737 0xb390  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:52:04.0745 0xb390  partmgr - ok
21:52:04.0750 0xb390  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:52:04.0762 0xb390  PcaSvc - ok
21:52:04.0767 0xb390  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:52:04.0777 0xb390  pci - ok
21:52:04.0781 0xb390  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:52:04.0787 0xb390  pciide - ok
21:52:04.0793 0xb390  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:52:04.0802 0xb390  pcmcia - ok
21:52:04.0806 0xb390  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:52:04.0813 0xb390  pcw - ok
21:52:04.0825 0xb390  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:52:04.0842 0xb390  PEAUTH - ok
21:52:04.0868 0xb390  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:52:04.0896 0xb390  PeerDistSvc - ok
21:52:04.0917 0xb390  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:52:04.0925 0xb390  PerfHost - ok
21:52:04.0931 0xb390  [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
21:52:04.0936 0xb390  PHCORE - ok
21:52:04.0960 0xb390  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:52:05.0002 0xb390  pla - ok
21:52:05.0012 0xb390  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:52:05.0026 0xb390  PlugPlay - ok
21:52:05.0031 0xb390  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:52:05.0038 0xb390  PNRPAutoReg - ok
21:52:05.0046 0xb390  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:52:05.0058 0xb390  PNRPsvc - ok
21:52:05.0069 0xb390  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:52:05.0097 0xb390  PolicyAgent - ok
21:52:05.0102 0xb390  [ 97409FF50403E1E83E3455BEB2E258D3, C16D10CC41820C34E3C9BACB06285E57B7656AA9F6D6D15CD79A19DBAA046771 ] postgresql-x64-9.0 C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
21:52:05.0107 0xb390  postgresql-x64-9.0 - detected UnsignedFile.Multi.Generic ( 1 )
21:52:05.0149 0xb390  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - warning
21:52:05.0149 0xb390  Force sending object to P2P due to detect: postgresql-x64-9.0
21:52:15.0530 0xb390  Object send P2P result: true
21:52:25.0457 0xb390  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
21:52:25.0470 0xb390  Power - ok
21:52:25.0503 0xb390  [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:52:25.0540 0xb390  Power Manager DBC Service - ok
21:52:25.0549 0xb390  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:52:25.0576 0xb390  PptpMiniport - ok
21:52:25.0580 0xb390  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:52:25.0590 0xb390  Processor - ok
21:52:25.0597 0xb390  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:52:25.0619 0xb390  ProfSvc - ok
21:52:25.0624 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:52:25.0638 0xb390  ProtectedStorage - ok
21:52:25.0642 0xb390  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
21:52:25.0648 0xb390  psadd - ok
21:52:25.0653 0xb390  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:52:25.0679 0xb390  Psched - ok
21:52:25.0685 0xb390  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:52:25.0693 0xb390  PSI_SVC_2 - ok
21:52:25.0730 0xb390  [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc        C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
21:52:25.0772 0xb390  PwmEWSvc - ok
21:52:25.0861 0xb390  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:52:25.0899 0xb390  ql2300 - ok
21:52:25.0906 0xb390  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:52:25.0914 0xb390  ql40xx - ok
21:52:25.0920 0xb390  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:52:25.0936 0xb390  QWAVE - ok
21:52:25.0939 0xb390  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:52:25.0951 0xb390  QWAVEdrv - ok
21:52:25.0953 0xb390  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:52:25.0978 0xb390  RasAcd - ok
21:52:25.0982 0xb390  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:52:26.0003 0xb390  RasAgileVpn - ok
21:52:26.0008 0xb390  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:52:26.0033 0xb390  RasAuto - ok
21:52:26.0037 0xb390  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:52:26.0062 0xb390  Rasl2tp - ok
21:52:26.0070 0xb390  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:52:26.0097 0xb390  RasMan - ok
21:52:26.0102 0xb390  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:52:26.0130 0xb390  RasPppoe - ok
21:52:26.0134 0xb390  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:52:26.0157 0xb390  RasSstp - ok
21:52:26.0165 0xb390  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:52:26.0192 0xb390  rdbss - ok
21:52:26.0195 0xb390  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:52:26.0208 0xb390  rdpbus - ok
21:52:26.0211 0xb390  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:52:26.0243 0xb390  RDPCDD - ok
21:52:26.0250 0xb390  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:52:26.0262 0xb390  RDPDR - ok
21:52:26.0266 0xb390  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:52:26.0295 0xb390  RDPENCDD - ok
21:52:26.0299 0xb390  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:52:26.0322 0xb390  RDPREFMP - ok
21:52:26.0328 0xb390  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:52:26.0342 0xb390  RDPWD - ok
21:52:26.0349 0xb390  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:52:26.0358 0xb390  rdyboost - ok
21:52:26.0366 0xb390  [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:52:26.0376 0xb390  RegSrvc - ok
21:52:26.0380 0xb390  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:52:26.0406 0xb390  RemoteAccess - ok
21:52:26.0412 0xb390  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:52:26.0437 0xb390  RemoteRegistry - ok
21:52:26.0442 0xb390  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:52:26.0453 0xb390  RFCOMM - ok
21:52:26.0458 0xb390  [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys
21:52:26.0466 0xb390  risdxc - ok
21:52:26.0469 0xb390  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:52:26.0491 0xb390  RpcEptMapper - ok
21:52:26.0494 0xb390  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:52:26.0503 0xb390  RpcLocator - ok
21:52:26.0513 0xb390  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:52:26.0542 0xb390  RpcSs - ok
21:52:26.0546 0xb390  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:52:26.0568 0xb390  rspndr - ok
21:52:26.0570 0xb390  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:52:26.0578 0xb390  s3cap - ok
21:52:26.0581 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
21:52:26.0588 0xb390  SamSs - ok
21:52:26.0592 0xb390  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:52:26.0601 0xb390  sbp2port - ok
21:52:26.0607 0xb390  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:52:26.0632 0xb390  SCardSvr - ok
21:52:26.0635 0xb390  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:52:26.0656 0xb390  scfilter - ok
21:52:26.0674 0xb390  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:52:26.0712 0xb390  Schedule - ok
21:52:26.0718 0xb390  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:52:26.0739 0xb390  SCPolicySvc - ok
21:52:26.0744 0xb390  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:52:26.0756 0xb390  SDRSVC - ok
21:52:26.0759 0xb390  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:52:26.0780 0xb390  secdrv - ok
21:52:26.0784 0xb390  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:52:26.0806 0xb390  seclogon - ok
21:52:26.0809 0xb390  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:52:26.0839 0xb390  SENS - ok
21:52:26.0842 0xb390  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:52:26.0851 0xb390  SensrSvc - ok
21:52:26.0856 0xb390  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:52:26.0864 0xb390  Serenum - ok
21:52:26.0870 0xb390  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:52:26.0879 0xb390  Serial - ok
21:52:26.0883 0xb390  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:52:26.0894 0xb390  sermouse - ok
21:52:26.0903 0xb390  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:52:26.0930 0xb390  SessionEnv - ok
21:52:26.0933 0xb390  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:52:26.0941 0xb390  sffdisk - ok
21:52:26.0944 0xb390  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:52:26.0953 0xb390  sffp_mmc - ok
21:52:26.0955 0xb390  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:52:26.0964 0xb390  sffp_sd - ok
21:52:26.0966 0xb390  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:52:26.0974 0xb390  sfloppy - ok
21:52:26.0981 0xb390  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:52:27.0007 0xb390  SharedAccess - ok
21:52:27.0015 0xb390  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:52:27.0041 0xb390  ShellHWDetection - ok
21:52:27.0045 0xb390  [ 7AC6FBFC13ABA3F15B05986412D10E10, B93E0E18C9883BAE7238389B8E2E3D66CB925BD62B293625FF8B6C3AF4501EC8 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
21:52:27.0053 0xb390  Shockprf - ok
21:52:27.0056 0xb390  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:52:27.0063 0xb390  SiSRaid2 - ok
21:52:27.0066 0xb390  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:52:27.0074 0xb390  SiSRaid4 - ok
21:52:27.0078 0xb390  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:52:27.0099 0xb390  Smb - ok
21:52:27.0101 0xb390  smihlp2 - ok
21:52:27.0106 0xb390  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:52:27.0114 0xb390  SNMPTRAP - ok
21:52:27.0117 0xb390  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:52:27.0123 0xb390  spldr - ok
21:52:27.0134 0xb390  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:52:27.0150 0xb390  Spooler - ok
21:52:27.0204 0xb390  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:52:27.0277 0xb390  sppsvc - ok
21:52:27.0284 0xb390  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:52:27.0308 0xb390  sppuinotify - ok
21:52:27.0317 0xb390  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:52:27.0331 0xb390  srv - ok
21:52:27.0340 0xb390  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:52:27.0353 0xb390  srv2 - ok
21:52:27.0358 0xb390  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:52:27.0367 0xb390  srvnet - ok
21:52:27.0372 0xb390  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:52:27.0396 0xb390  SSDPSRV - ok
21:52:27.0400 0xb390  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:52:27.0422 0xb390  SstpSvc - ok
21:52:27.0425 0xb390  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:52:27.0431 0xb390  stexstor - ok
21:52:27.0442 0xb390  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:52:27.0461 0xb390  stisvc - ok
21:52:27.0465 0xb390  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:52:27.0471 0xb390  storflt - ok
21:52:27.0474 0xb390  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:52:27.0482 0xb390  StorSvc - ok
21:52:27.0485 0xb390  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:52:27.0491 0xb390  storvsc - ok
21:52:27.0495 0xb390  [ 1DF68711507D486946FCB58BDE5FE2FF, 2B89E4939466BA3F5715E6831675F3456533D6E45A12D6C13210BAC29AF9A844 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:52:27.0501 0xb390  SUService - ok
21:52:27.0504 0xb390  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:52:27.0511 0xb390  swenum - ok
21:52:27.0521 0xb390  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:52:27.0549 0xb390  swprv - ok
21:52:27.0558 0xb390  [ 883D2880144FD3ED9F1C04B5B5B9B562, 17C582DE9E614F3AFF76ED808358E1006A5AAFEDAE155F6FB527A1AEE3AFF3EF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:52:27.0569 0xb390  SynTP - ok
21:52:27.0599 0xb390  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:52:27.0635 0xb390  SysMain - ok
21:52:27.0640 0xb390  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:52:27.0653 0xb390  TabletInputService - ok
21:52:27.0660 0xb390  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:52:27.0684 0xb390  TapiSrv - ok
21:52:27.0688 0xb390  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:52:27.0709 0xb390  TBS - ok
21:52:27.0740 0xb390  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:52:27.0774 0xb390  Tcpip - ok
21:52:27.0810 0xb390  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:52:27.0845 0xb390  TCPIP6 - ok
21:52:27.0852 0xb390  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:52:27.0859 0xb390  tcpipreg - ok
21:52:27.0863 0xb390  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:52:27.0871 0xb390  TDPIPE - ok
21:52:27.0873 0xb390  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:52:27.0881 0xb390  TDTCP - ok
21:52:27.0885 0xb390  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:52:27.0894 0xb390  tdx - ok
21:52:27.0897 0xb390  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:52:27.0904 0xb390  TermDD - ok
21:52:27.0917 0xb390  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:52:27.0935 0xb390  TermService - ok
21:52:27.0938 0xb390  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:52:27.0949 0xb390  Themes - ok
21:52:27.0953 0xb390  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:52:27.0974 0xb390  THREADORDER - ok
21:52:27.0977 0xb390  [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
21:52:27.0983 0xb390  TPDIGIMN - ok
21:52:27.0986 0xb390  [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
21:52:27.0993 0xb390  TPHDEXLGSVC - ok
21:52:27.0997 0xb390  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
21:52:28.0004 0xb390  TPHKLOAD - ok
21:52:28.0008 0xb390  [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
21:52:28.0015 0xb390  TPHKSVC - ok
21:52:28.0018 0xb390  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:52:28.0026 0xb390  TPM - ok
21:52:28.0029 0xb390  [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
21:52:28.0034 0xb390  TPPWRIF - ok
21:52:28.0038 0xb390  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:52:28.0062 0xb390  TrkWks - ok
21:52:28.0071 0xb390  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:52:28.0094 0xb390  TrustedInstaller - ok
21:52:28.0098 0xb390  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:52:28.0106 0xb390  tssecsrv - ok
21:52:28.0109 0xb390  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:52:28.0117 0xb390  TsUsbFlt - ok
21:52:28.0120 0xb390  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:52:28.0127 0xb390  TsUsbGD - ok
21:52:28.0131 0xb390  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:52:28.0152 0xb390  tunnel - ok
21:52:28.0155 0xb390  [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
21:52:28.0160 0xb390  TVTI2C - ok
21:52:28.0163 0xb390  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\Windows\system32\DRIVERS\tvtvcamd.sys
21:52:28.0169 0xb390  tvtvcamd - ok
21:52:28.0172 0xb390  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:52:28.0179 0xb390  uagp35 - ok
21:52:28.0187 0xb390  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:52:28.0212 0xb390  udfs - ok
21:52:28.0217 0xb390  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:52:28.0225 0xb390  UI0Detect - ok
21:52:28.0229 0xb390  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
21:52:28.0233 0xb390  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
21:52:28.0233 0xb390  Detect skipped due to KSN trusted
21:52:28.0233 0xb390  UleadBurningHelper - ok
21:52:28.0236 0xb390  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:52:28.0243 0xb390  uliagpkx - ok
21:52:28.0246 0xb390  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:52:28.0254 0xb390  umbus - ok
21:52:28.0257 0xb390  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:52:28.0265 0xb390  UmPass - ok
21:52:28.0270 0xb390  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:52:28.0281 0xb390  UmRdpService - ok
21:52:28.0289 0xb390  [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:52:28.0299 0xb390  UNS - ok
21:52:28.0307 0xb390  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:52:28.0333 0xb390  upnphost - ok
21:52:28.0337 0xb390  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:52:28.0346 0xb390  usbaudio - ok
21:52:28.0350 0xb390  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:52:28.0359 0xb390  usbccgp - ok
21:52:28.0363 0xb390  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:52:28.0372 0xb390  usbcir - ok
21:52:28.0375 0xb390  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:52:28.0382 0xb390  usbehci - ok
21:52:28.0390 0xb390  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:52:28.0401 0xb390  usbhub - ok
21:52:28.0404 0xb390  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:52:28.0412 0xb390  usbohci - ok
21:52:28.0415 0xb390  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:52:28.0424 0xb390  usbprint - ok
21:52:28.0427 0xb390  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:52:28.0436 0xb390  USBSTOR - ok
21:52:28.0438 0xb390  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:52:28.0446 0xb390  usbuhci - ok
21:52:28.0450 0xb390  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:52:28.0460 0xb390  usbvideo - ok
21:52:28.0463 0xb390  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:52:28.0485 0xb390  UxSms - ok
21:52:28.0487 0xb390  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
21:52:28.0495 0xb390  VaultSvc - ok
21:52:28.0498 0xb390  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:52:28.0505 0xb390  vdrvroot - ok
21:52:28.0516 0xb390  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:52:28.0544 0xb390  vds - ok
21:52:28.0547 0xb390  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:52:28.0556 0xb390  vga - ok
21:52:28.0559 0xb390  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:52:28.0580 0xb390  VgaSave - ok
21:52:28.0585 0xb390  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:52:28.0595 0xb390  vhdmp - ok
21:52:28.0597 0xb390  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:52:28.0604 0xb390  viaide - ok
21:52:28.0607 0xb390  [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService   C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
21:52:28.0614 0xb390  VIPAppService - ok
21:52:28.0619 0xb390  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:52:28.0628 0xb390  vmbus - ok
21:52:28.0631 0xb390  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:52:28.0638 0xb390  VMBusHID - ok
21:52:28.0641 0xb390  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:52:28.0648 0xb390  volmgr - ok
21:52:28.0656 0xb390  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:52:28.0667 0xb390  volmgrx - ok
21:52:28.0674 0xb390  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:52:28.0684 0xb390  volsnap - ok
21:52:28.0689 0xb390  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:52:28.0697 0xb390  vsmraid - ok
21:52:28.0724 0xb390  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:52:28.0768 0xb390  VSS - ok
21:52:28.0772 0xb390  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:52:28.0782 0xb390  vwifibus - ok
21:52:28.0785 0xb390  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:52:28.0796 0xb390  vwififlt - ok
21:52:28.0799 0xb390  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:52:28.0809 0xb390  vwifimp - ok
21:52:28.0817 0xb390  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:52:28.0844 0xb390  W32Time - ok
21:52:28.0848 0xb390  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:52:28.0855 0xb390  WacomPen - ok
21:52:28.0859 0xb390  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:52:28.0879 0xb390  WANARP - ok
21:52:28.0883 0xb390  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:52:28.0903 0xb390  Wanarpv6 - ok
21:52:28.0925 0xb390  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:52:28.0949 0xb390  WatAdminSvc - ok
21:52:28.0975 0xb390  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:52:29.0005 0xb390  wbengine - ok
21:52:29.0012 0xb390  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:52:29.0026 0xb390  WbioSrvc - ok
21:52:29.0033 0xb390  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:52:29.0050 0xb390  wcncsvc - ok
21:52:29.0053 0xb390  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:52:29.0062 0xb390  WcsPlugInService - ok
21:52:29.0064 0xb390  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:52:29.0071 0xb390  Wd - ok
21:52:29.0085 0xb390  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:52:29.0103 0xb390  Wdf01000 - ok
21:52:29.0108 0xb390  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:52:29.0117 0xb390  WdiServiceHost - ok
21:52:29.0120 0xb390  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:52:29.0129 0xb390  WdiSystemHost - ok
21:52:29.0135 0xb390  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:52:29.0147 0xb390  WebClient - ok
21:52:29.0154 0xb390  [ 507D80C0ACCC3B4FC123BD99D0AF3F97, 09AF6BBAFEA01B0A108C2EFE019F3D8ACA89C2C9D2DEB5F7E83F4E9971BAD338 ] WebUpdate4      C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
21:52:29.0162 0xb390  WebUpdate4 - ok
21:52:29.0168 0xb390  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:52:29.0193 0xb390  Wecsvc - ok
21:52:29.0198 0xb390  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:52:29.0221 0xb390  wercplsupport - ok
21:52:29.0225 0xb390  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:52:29.0247 0xb390  WerSvc - ok
21:52:29.0250 0xb390  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:52:29.0271 0xb390  WfpLwf - ok
21:52:29.0274 0xb390  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:52:29.0280 0xb390  WIMMount - ok
21:52:29.0282 0xb390  WinDefend - ok
21:52:29.0286 0xb390  WinHttpAutoProxySvc - ok
21:52:29.0294 0xb390  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:52:29.0318 0xb390  Winmgmt - ok
21:52:29.0352 0xb390  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:52:29.0391 0xb390  WinRM - ok
21:52:29.0398 0xb390  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:52:29.0407 0xb390  WinUsb - ok
21:52:29.0423 0xb390  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:52:29.0447 0xb390  Wlansvc - ok
21:52:29.0452 0xb390  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:52:29.0458 0xb390  wlcrasvc - ok
21:52:29.0494 0xb390  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:52:29.0533 0xb390  wlidsvc - ok
21:52:29.0538 0xb390  WMCoreService - ok
21:52:29.0541 0xb390  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:52:29.0548 0xb390  WmiAcpi - ok
21:52:29.0555 0xb390  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:52:29.0565 0xb390  wmiApSrv - ok
21:52:29.0567 0xb390  WMPNetworkSvc - ok
21:52:29.0570 0xb390  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:52:29.0578 0xb390  WPCSvc - ok
21:52:29.0582 0xb390  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:52:29.0595 0xb390  WPDBusEnum - ok
21:52:29.0598 0xb390  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:52:29.0618 0xb390  ws2ifsl - ok
21:52:29.0622 0xb390  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:52:29.0634 0xb390  wscsvc - ok
21:52:29.0636 0xb390  WSearch - ok
21:52:29.0676 0xb390  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:52:29.0720 0xb390  wuauserv - ok
21:52:29.0727 0xb390  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:52:29.0736 0xb390  WudfPf - ok
21:52:29.0741 0xb390  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:52:29.0751 0xb390  WUDFRd - ok
21:52:29.0754 0xb390  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:52:29.0764 0xb390  wudfsvc - ok
21:52:29.0769 0xb390  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:52:29.0781 0xb390  WwanSvc - ok
21:52:29.0791 0xb390  [ 747DA6EE261B3760201D7738E0FD59B8, B32F8CB8F112FA1C067AEE1615882C6FAFAB671347A44E37C4B476DF3DC7B430 ] WwanUsbServ     C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
21:52:29.0800 0xb390  WwanUsbServ - ok
21:52:29.0843 0xb390  [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:52:29.0887 0xb390  ZeroConfigService - ok
21:52:29.0898 0xb390  ================ Scan global ===============================
21:52:29.0900 0xb390  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:52:29.0906 0xb390  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:52:29.0914 0xb390  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:52:29.0919 0xb390  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:52:29.0927 0xb390  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:52:29.0932 0xb390  [ Global ] - ok
21:52:29.0932 0xb390  ================ Scan MBR ==================================
21:52:29.0934 0xb390  [ 705D35B546D81DCED3CD1F931CCB07ED ] \Device\Harddisk0\DR0
21:52:30.0029 0xb390  \Device\Harddisk0\DR0 - ok
21:52:30.0034 0xb390  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
21:52:30.0386 0xb390  \Device\Harddisk1\DR2 - ok
21:52:30.0387 0xb390  ================ Scan VBR ==================================
21:52:30.0392 0xb390  [ B5B43437C04F6EEF589300D433D64A87 ] \Device\Harddisk0\DR0\Partition1
21:52:30.0394 0xb390  \Device\Harddisk0\DR0\Partition1 - ok
21:52:30.0397 0xb390  [ DD96E4E79F20B2BADBE7FD27252456D5 ] \Device\Harddisk0\DR0\Partition2
21:52:30.0399 0xb390  \Device\Harddisk0\DR0\Partition2 - ok
21:52:30.0403 0xb390  [ 19191C7AA2D63FA6431A219C069E77B0 ] \Device\Harddisk0\DR0\Partition3
21:52:30.0405 0xb390  \Device\Harddisk0\DR0\Partition3 - ok
21:52:30.0408 0xb390  [ F1192BD8A99063C5E8D01E8850DEF1EA ] \Device\Harddisk1\DR2\Partition1
21:52:30.0412 0xb390  \Device\Harddisk1\DR2\Partition1 - ok
21:52:30.0412 0xb390  ================ Scan generic autorun ======================
21:52:30.0412 0xb390  SynTPEnh - ok
21:52:30.0423 0xb390  [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe
21:52:30.0440 0xb390  TpShocks - ok
21:52:30.0449 0xb390  [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
21:52:30.0462 0xb390  LENOVO.TPKNRRES - ok
21:52:30.0466 0xb390  [ 3D0AA1C5F67BAC9ED036FB6C815562C6, 6563601CAFA7BC11DD6FD666195C0DA58E646D685C6F5063081086C96F8A9F43 ] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
21:52:30.0474 0xb390  AcWin7Hlpr - ok
21:52:30.0483 0xb390  [ A56AC97C6C72141B334763CD3C77C76F, 57BB0DAC3463A0CEAB74052EC04EA1B6F3F757DFBCA00143C34360EC6BC69A06 ] C:\Program Files\Greenshot\Greenshot.exe
21:52:30.0493 0xb390  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
21:52:30.0493 0xb390  Detect skipped due to KSN trusted
21:52:30.0493 0xb390  Greenshot - ok
21:52:30.0497 0xb390  [ 2C8518B622C6429480507F24C21B6223, BA2FF253A3F6C53F4C24903DF406FFB37121792A49E29A5A58E753E62321C312 ] C:\Windows\system32\igfxtray.exe
21:52:30.0505 0xb390  IgfxTray - ok
21:52:30.0513 0xb390  [ 2700358647B5F0253756BF41564586E1, 859ECC17AAADCDAB6ED96FEC372522B69C44C50B7781F29B2B0EAAF13FD0C803 ] C:\Windows\system32\hkcmd.exe
21:52:30.0524 0xb390  HotKeysCmds - ok
21:52:30.0532 0xb390  [ 8D42A43CE49736478BF6FCE9DD3383CB, 7D1A7D4CAF468815BD8BFD324E60956F8A7B12E9714A0064742F403474C03E44 ] C:\Windows\system32\igfxpers.exe
21:52:30.0544 0xb390  Persistence - ok
21:52:30.0804 0xb390  [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:52:31.0052 0xb390  RTHDVCPL - ok
21:52:31.0090 0xb390  [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:52:31.0126 0xb390  RtHDVBg_Dolby - ok
21:52:31.0181 0xb390  [ C08AF3D7162084119A3089D40240E592, B68F51E176A1193496108E60999C96656A166B7868A6C403B329AA2DBA3EAFD2 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:52:31.0236 0xb390  NvBackend - ok
21:52:31.0241 0xb390  [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
21:52:31.0246 0xb390  RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
21:52:31.0246 0xb390  Detect skipped due to KSN trusted
21:52:31.0246 0xb390  RotateImage - ok
21:52:31.0254 0xb390  [ 6BA8D86746935498D64CB5CF6286F2EB, E47D1DEE39451428344233DB15412BCB486C4F6FE1D0426F20AA4C6245387926 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:52:31.0266 0xb390  USB3MON - ok
21:52:31.0270 0xb390  [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:52:31.0281 0xb390  IMSS - ok
21:52:31.0282 0xb390  PWMTRV - ok
21:52:31.0301 0xb390  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:52:31.0324 0xb390  Adobe ARM - ok
21:52:31.0330 0xb390  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe

fatalerror · 22.03.2015, 12:58

Code:

ATTFilter

21:52:31.0339 0xb390  Intel AppUp(SM) center - ok
21:52:31.0406 0xb390  [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
21:52:31.0486 0xb390  Lenovo Registration - ok
21:52:31.0503 0xb390  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:52:31.0518 0xb390  avgnt - ok
21:52:31.0523 0xb390  [ 0360ACCC97132C5051189C9D9370309E, 113CE9B2B7FE1E0C6A0937E05E157BC98C7142F01E1D1EAA2A905A8D6B8E967D ] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
21:52:31.0530 0xb390  MobileAccess - ok
21:52:31.0540 0xb390  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
21:52:31.0553 0xb390  Dolby Home Theater v4 - ok
21:52:31.0573 0xb390  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:52:31.0604 0xb390  Sidebar - ok
21:52:31.0608 0xb390  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:52:31.0625 0xb390  mctadmin - ok
21:52:31.0644 0xb390  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:52:31.0672 0xb390  Sidebar - ok
21:52:31.0677 0xb390  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:52:31.0690 0xb390  mctadmin - ok
21:52:31.0692 0xb390  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:52:31.0700 0xb390  swg - ok
21:52:31.0721 0xb390  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:52:31.0747 0xb390  Sidebar - ok
21:52:31.0751 0xb390  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:52:31.0758 0xb390  swg - ok
21:52:31.0762 0xb390  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:52:31.0776 0xb390  mctadmin - ok
21:52:31.0776 0xb390  Lenovo.ShowBand - ok
21:52:31.0783 0xb390  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41000 ( enabled : updated )
21:52:31.0785 0xb390  Win FW state via NFP2: enabled
21:52:41.0732 0xb390  ============================================================
21:52:41.0732 0xb390  Scan finished
21:52:41.0732 0xb390  ============================================================
21:52:41.0743 0x2b4c  Detected object count: 1
21:52:41.0743 0x2b4c  Actual detected object count: 1
21:53:06.0585 0x2b4c  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - skipped by user
21:53:06.0585 0x2b4c  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:23.0267 0xb184  ============================================================
21:54:23.0267 0xb184  Scan started
21:54:23.0267 0xb184  Mode: Manual; SigCheck; TDLFS; 
21:54:23.0267 0xb184  ============================================================
21:54:23.0267 0xb184  KSN ping started
21:54:33.0045 0xb184  KSN ping finished: true
21:54:33.0285 0xb184  ================ Scan system memory ========================
21:54:33.0285 0xb184  System memory - ok
21:54:33.0285 0xb184  ================ Scan services =============================
21:54:33.0317 0xb184  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:54:33.0335 0xb184  1394ohci - ok
21:54:33.0341 0xb184  [ 1F305C858E7B5E537C9B783D46243A7A, 0DA7B31949C48FB42DBF61EC71ACCFD1CEB3B6135DC3FA0FEC4A9DE25A1405BA ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys
21:54:33.0352 0xb184  5U877 - ok
21:54:33.0360 0xb184  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:54:33.0371 0xb184  ACPI - ok
21:54:33.0374 0xb184  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:54:33.0384 0xb184  AcpiPmi - ok
21:54:33.0393 0xb184  [ 2540FC407E5CCBEEB981755A3B6AFF58, 352520A8E601DEEE45928918216D86775C33E21144F09B807C3E459434062088 ] AcPrfMgrSvc     C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
21:54:33.0401 0xb184  AcPrfMgrSvc - ok
21:54:33.0407 0xb184  [ 5463D786E083B8D50CF44FFF0926CECA, DC9F9D1618B9E604B3AA8685A929B36CEE7847238D4D64B2E0A1B0E4FDC0F3A2 ] AcSvc           C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
21:54:33.0417 0xb184  AcSvc - ok
21:54:33.0421 0xb184  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:33.0428 0xb184  AdobeARMservice - ok
21:54:33.0438 0xb184  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:54:33.0452 0xb184  adp94xx - ok
21:54:33.0459 0xb184  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:54:33.0470 0xb184  adpahci - ok
21:54:33.0477 0xb184  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:54:33.0486 0xb184  adpu320 - ok
21:54:33.0491 0xb184  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:54:33.0513 0xb184  AeLookupSvc - ok
21:54:33.0523 0xb184  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:54:33.0539 0xb184  AFD - ok
21:54:33.0543 0xb184  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:54:33.0550 0xb184  agp440 - ok
21:54:33.0555 0xb184  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:54:33.0565 0xb184  ALG - ok
21:54:33.0568 0xb184  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:54:33.0575 0xb184  aliide - ok
21:54:33.0578 0xb184  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:54:33.0584 0xb184  amdide - ok
21:54:33.0588 0xb184  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:54:33.0597 0xb184  AmdK8 - ok
21:54:33.0600 0xb184  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:54:33.0609 0xb184  AmdPPM - ok
21:54:33.0614 0xb184  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:54:33.0622 0xb184  amdsata - ok
21:54:33.0627 0xb184  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:54:33.0636 0xb184  amdsbs - ok
21:54:33.0639 0xb184  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:54:33.0646 0xb184  amdxata - ok
21:54:33.0659 0xb184  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:54:33.0671 0xb184  AntiVirSchedulerService - ok
21:54:33.0680 0xb184  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:54:33.0691 0xb184  AntiVirService - ok
21:54:33.0695 0xb184  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
21:54:33.0704 0xb184  AppID - ok
21:54:33.0707 0xb184  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:54:33.0716 0xb184  AppIDSvc - ok
21:54:33.0719 0xb184  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:54:33.0729 0xb184  Appinfo - ok
21:54:33.0734 0xb184  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:54:33.0745 0xb184  AppMgmt - ok
21:54:33.0749 0xb184  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:54:33.0757 0xb184  arc - ok
21:54:33.0760 0xb184  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:54:33.0769 0xb184  arcsas - ok
21:54:33.0779 0xb184  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:54:33.0788 0xb184  aspnet_state - ok
21:54:33.0791 0xb184  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:54:33.0813 0xb184  AsyncMac - ok
21:54:33.0816 0xb184  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:54:33.0823 0xb184  atapi - ok
21:54:33.0836 0xb184  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:54:33.0854 0xb184  AudioEndpointBuilder - ok
21:54:33.0867 0xb184  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:54:33.0885 0xb184  AudioSrv - ok
21:54:33.0889 0xb184  [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:54:33.0898 0xb184  avgntflt - ok
21:54:33.0902 0xb184  [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:54:33.0911 0xb184  avipbb - ok
21:54:33.0915 0xb184  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:54:33.0922 0xb184  avkmgr - ok
21:54:33.0926 0xb184  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:54:33.0939 0xb184  AxInstSV - ok
21:54:33.0949 0xb184  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:54:33.0963 0xb184  b06bdrv - ok
21:54:33.0969 0xb184  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:54:33.0982 0xb184  b57nd60a - ok
21:54:33.0988 0xb184  [ F01759FA97126CC69DFA85CEDA0717A1, 5B23B61562349D13311B7FCF783BDC9439698DACA5724B83B3568121497C7FC8 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
21:54:33.0996 0xb184  bcbtums - ok
21:54:33.0999 0xb184  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:54:34.0009 0xb184  BDESVC - ok
21:54:34.0011 0xb184  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:54:34.0040 0xb184  Beep - ok
21:54:34.0053 0xb184  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:54:34.0072 0xb184  BFE - ok
21:54:34.0087 0xb184  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:54:34.0121 0xb184  BITS - ok
21:54:34.0125 0xb184  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:54:34.0134 0xb184  blbdrive - ok
21:54:34.0138 0xb184  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:54:34.0147 0xb184  bowser - ok
21:54:34.0150 0xb184  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:54:34.0160 0xb184  BrFiltLo - ok
21:54:34.0163 0xb184  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:54:34.0173 0xb184  BrFiltUp - ok
21:54:34.0177 0xb184  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:54:34.0187 0xb184  Browser - ok
21:54:34.0194 0xb184  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:54:34.0206 0xb184  Brserid - ok
21:54:34.0210 0xb184  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:54:34.0220 0xb184  BrSerWdm - ok
21:54:34.0223 0xb184  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:54:34.0233 0xb184  BrUsbMdm - ok
21:54:34.0235 0xb184  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:54:34.0244 0xb184  BrUsbSer - ok
21:54:34.0247 0xb184  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:54:34.0256 0xb184  BthEnum - ok
21:54:34.0260 0xb184  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:54:34.0270 0xb184  BTHMODEM - ok
21:54:34.0274 0xb184  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:54:34.0286 0xb184  BthPan - ok
21:54:34.0297 0xb184  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:54:34.0313 0xb184  BTHPORT - ok
21:54:34.0317 0xb184  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:54:34.0340 0xb184  bthserv - ok
21:54:34.0343 0xb184  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:54:34.0352 0xb184  BTHUSB - ok
21:54:34.0364 0xb184  [ 3AFF6DC496B8A8D12C867E3FC7C86FAC, 72541F7F9AF6278B8F19F2DBCCADC4FF47171866E04FB5A1010D9AFDF69F7D11 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
21:54:34.0378 0xb184  btwampfl - ok
21:54:34.0383 0xb184  [ 336BBA0909B3636AB7D06A71D7B1C0DC, 3BC7593272101C340681A9909F9215580F8942DA54E9B251E3AC35B8D39D9B89 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
21:54:34.0392 0xb184  btwaudio - ok
21:54:34.0397 0xb184  [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
21:54:34.0406 0xb184  btwavdt - ok
21:54:34.0425 0xb184  [ 26A80D7ACA49E03A403806418B5FED46, 52539FC9F5796002FD66393C759393717E3E242392B2E9039AD12B6D973B78BD ] btwdins         C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
21:54:34.0444 0xb184  btwdins - ok
21:54:34.0448 0xb184  [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
21:54:34.0454 0xb184  btwl2cap - ok
21:54:34.0457 0xb184  [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
21:54:34.0463 0xb184  btwrchid - ok
21:54:34.0467 0xb184  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:54:34.0490 0xb184  cdfs - ok
21:54:34.0494 0xb184  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:54:34.0504 0xb184  cdrom - ok
21:54:34.0508 0xb184  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:54:34.0530 0xb184  CertPropSvc - ok
21:54:34.0533 0xb184  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:54:34.0544 0xb184  circlass - ok
21:54:34.0552 0xb184  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:54:34.0564 0xb184  CLFS - ok
21:54:34.0569 0xb184  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:34.0576 0xb184  clr_optimization_v2.0.50727_32 - ok
21:54:34.0582 0xb184  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:34.0590 0xb184  clr_optimization_v2.0.50727_64 - ok
21:54:34.0598 0xb184  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:34.0607 0xb184  clr_optimization_v4.0.30319_32 - ok
21:54:34.0611 0xb184  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:34.0620 0xb184  clr_optimization_v4.0.30319_64 - ok
21:54:34.0623 0xb184  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:54:34.0631 0xb184  CmBatt - ok
21:54:34.0634 0xb184  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:54:34.0641 0xb184  cmdide - ok
21:54:34.0650 0xb184  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
21:54:34.0666 0xb184  CNG - ok
21:54:34.0669 0xb184  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:54:34.0676 0xb184  Compbatt - ok
21:54:34.0679 0xb184  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:54:34.0690 0xb184  CompositeBus - ok
21:54:34.0692 0xb184  COMSysApp - ok
21:54:34.0715 0xb184  [ EB726E02074FDC44EBE97E01A2660AA6, D4C64BF00D71BB7A3DB429EF8B648056067A3FE857F72DD9CE4944A1359BE05D ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:54:34.0725 0xb184  cphs - ok
21:54:34.0728 0xb184  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:54:34.0735 0xb184  crcdisk - ok
21:54:34.0741 0xb184  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:54:34.0753 0xb184  CryptSvc - ok
21:54:34.0763 0xb184  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:54:34.0779 0xb184  CSC - ok
21:54:34.0792 0xb184  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:54:34.0810 0xb184  CscService - ok
21:54:34.0823 0xb184  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:54:34.0853 0xb184  DcomLaunch - ok
21:54:34.0861 0xb184  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:54:34.0889 0xb184  defragsvc - ok
21:54:34.0894 0xb184  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:54:34.0918 0xb184  DfsC - ok
21:54:34.0929 0xb184  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:54:34.0944 0xb184  Dhcp - ok
21:54:34.0947 0xb184  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:54:34.0973 0xb184  discache - ok
21:54:34.0977 0xb184  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:54:34.0987 0xb184  Disk - ok
21:54:34.0991 0xb184  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:54:35.0002 0xb184  dmvsc - ok
21:54:35.0008 0xb184  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:54:35.0020 0xb184  Dnscache - ok
21:54:35.0027 0xb184  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:54:35.0055 0xb184  dot3svc - ok
21:54:35.0064 0xb184  [ 9597BCB69286FF017DB1A0FB8144408D, B477E4E7C3B49A77075B3165079E29FF1908C81E2BCCB930B47DCCF7DA5C417C ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
21:54:35.0074 0xb184  DozeSvc - ok
21:54:35.0079 0xb184  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:54:35.0102 0xb184  DPS - ok
21:54:35.0105 0xb184  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:54:35.0113 0xb184  drmkaud - ok
21:54:35.0129 0xb184  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:54:35.0150 0xb184  DXGKrnl - ok
21:54:35.0154 0xb184  [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys
21:54:35.0161 0xb184  DzHDD64 - ok
21:54:35.0169 0xb184  [ 03F4C5C12FC1C69F838DA723475EF650, 7D80623ED1060F904AF85B87620DF8DC153504FABC0E447C1D3A07D0372D7B9F ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
21:54:35.0180 0xb184  e1cexpress - ok
21:54:35.0184 0xb184  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:54:35.0207 0xb184  EapHost - ok
21:54:35.0259 0xb184  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:54:35.0316 0xb184  ebdrv - ok
21:54:35.0323 0xb184  [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis       C:\Windows\system32\Drivers\wwuss64.sys
21:54:35.0330 0xb184  ecnssndis - ok
21:54:35.0333 0xb184  [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr   C:\Windows\system32\Drivers\wwussf64.sys
21:54:35.0339 0xb184  ecnssndisfltr - ok
21:54:35.0342 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
21:54:35.0352 0xb184  EFS - ok
21:54:35.0365 0xb184  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:54:35.0384 0xb184  ehRecvr - ok
21:54:35.0388 0xb184  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:54:35.0399 0xb184  ehSched - ok
21:54:35.0410 0xb184  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:54:35.0424 0xb184  elxstor - ok
21:54:35.0427 0xb184  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:54:35.0435 0xb184  ErrDev - ok
21:54:35.0446 0xb184  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:54:35.0473 0xb184  EventSystem - ok
21:54:35.0486 0xb184  [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:54:35.0501 0xb184  EvtEng - ok
21:54:35.0506 0xb184  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:54:35.0531 0xb184  exfat - ok
21:54:35.0536 0xb184  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:54:35.0561 0xb184  fastfat - ok
21:54:35.0573 0xb184  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:54:35.0592 0xb184  Fax - ok
21:54:35.0595 0xb184  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:54:35.0604 0xb184  fdc - ok
21:54:35.0607 0xb184  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:54:35.0628 0xb184  fdPHost - ok
21:54:35.0631 0xb184  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:54:35.0654 0xb184  FDResPub - ok
21:54:35.0657 0xb184  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:54:35.0664 0xb184  FileInfo - ok
21:54:35.0667 0xb184  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:54:35.0690 0xb184  Filetrace - ok
21:54:35.0692 0xb184  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:54:35.0701 0xb184  flpydisk - ok
21:54:35.0708 0xb184  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:54:35.0718 0xb184  FltMgr - ok
21:54:35.0739 0xb184  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:54:35.0764 0xb184  FontCache - ok
21:54:35.0768 0xb184  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:54:35.0775 0xb184  FontCache3.0.0.0 - ok
21:54:35.0778 0xb184  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:54:35.0786 0xb184  FsDepends - ok
21:54:35.0790 0xb184  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:54:35.0797 0xb184  Fs_Rec - ok
21:54:35.0802 0xb184  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:54:35.0814 0xb184  fvevol - ok
21:54:35.0817 0xb184  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:54:35.0825 0xb184  gagp30kx - ok
21:54:35.0839 0xb184  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:54:35.0872 0xb184  gpsvc - ok
21:54:35.0876 0xb184  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:35.0883 0xb184  gupdate - ok
21:54:35.0886 0xb184  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:35.0893 0xb184  gupdatem - ok
21:54:35.0898 0xb184  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:54:35.0907 0xb184  gusvc - ok
21:54:35.0910 0xb184  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:54:35.0918 0xb184  hcw85cir - ok
21:54:35.0925 0xb184  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:54:35.0940 0xb184  HdAudAddService - ok
21:54:35.0944 0xb184  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:54:35.0957 0xb184  HDAudBus - ok
21:54:35.0960 0xb184  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:54:35.0972 0xb184  HidBatt - ok
21:54:35.0976 0xb184  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:54:35.0990 0xb184  HidBth - ok
21:54:35.0993 0xb184  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:54:36.0004 0xb184  HidIr - ok
21:54:36.0007 0xb184  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:54:36.0030 0xb184  hidserv - ok
21:54:36.0034 0xb184  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:54:36.0042 0xb184  HidUsb - ok
21:54:36.0046 0xb184  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:54:36.0068 0xb184  hkmsvc - ok
21:54:36.0074 0xb184  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:54:36.0085 0xb184  HomeGroupListener - ok
21:54:36.0091 0xb184  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:54:36.0102 0xb184  HomeGroupProvider - ok
21:54:36.0106 0xb184  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:54:36.0114 0xb184  HpSAMD - ok
21:54:36.0127 0xb184  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:54:36.0159 0xb184  HTTP - ok
21:54:36.0162 0xb184  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:54:36.0169 0xb184  hwpolicy - ok
21:54:36.0174 0xb184  [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
21:54:36.0181 0xb184  HyperW7Svc - ok
21:54:36.0185 0xb184  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:54:36.0195 0xb184  i8042prt - ok
21:54:36.0207 0xb184  [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
21:54:36.0221 0xb184  iaStor - ok
21:54:36.0230 0xb184  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:54:36.0242 0xb184  iaStorV - ok
21:54:36.0245 0xb184  [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:54:36.0252 0xb184  IBMPMDRV - ok
21:54:36.0255 0xb184  [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
21:54:36.0262 0xb184  IBMPMSVC - ok
21:54:36.0278 0xb184  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:54:36.0297 0xb184  idsvc - ok
21:54:36.0300 0xb184  IEEtwCollectorService - ok
21:54:36.0437 0xb184  [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:54:36.0575 0xb184  igfx - ok
21:54:36.0589 0xb184  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:54:36.0596 0xb184  iirsp - ok
21:54:36.0612 0xb184  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:54:36.0633 0xb184  IKEEXT - ok
21:54:36.0637 0xb184  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:54:36.0644 0xb184  intaud_WaveExtensible - ok
21:54:36.0701 0xb184  [ 0CDE7928C4B99C25AAED3B4E84E78168, 5B5444574551D2637A3827F26D248573AECE1B12DFA175C13B10B2A777AD2513 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:54:36.0760 0xb184  IntcAzAudAddService - ok
21:54:36.0773 0xb184  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:54:36.0786 0xb184  IntcDAud - ok
21:54:36.0797 0xb184  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:54:36.0813 0xb184  Intel(R) Capability Licensing Service Interface - ok
21:54:36.0816 0xb184  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:54:36.0823 0xb184  intelide - ok
21:54:36.0827 0xb184  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:54:36.0837 0xb184  intelppm - ok
21:54:36.0841 0xb184  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:54:36.0864 0xb184  IPBusEnum - ok
21:54:36.0868 0xb184  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:54:36.0890 0xb184  IpFilterDriver - ok
21:54:36.0901 0xb184  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:54:36.0918 0xb184  iphlpsvc - ok
21:54:36.0922 0xb184  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:54:36.0931 0xb184  IPMIDRV - ok
21:54:36.0935 0xb184  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:54:36.0958 0xb184  IPNAT - ok
21:54:36.0962 0xb184  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:54:36.0974 0xb184  IRENUM - ok
21:54:36.0976 0xb184  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:54:36.0983 0xb184  isapnp - ok
21:54:36.0990 0xb184  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:54:37.0000 0xb184  iScsiPrt - ok
21:54:37.0003 0xb184  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:54:37.0010 0xb184  iusb3hcs - ok
21:54:37.0017 0xb184  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:54:37.0028 0xb184  iusb3hub - ok
21:54:37.0042 0xb184  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:54:37.0059 0xb184  iusb3xhc - ok
21:54:37.0065 0xb184  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
21:54:37.0071 0xb184  iwdbus - ok
21:54:37.0077 0xb184  [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:54:37.0085 0xb184  jhi_service - ok
21:54:37.0088 0xb184  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:54:37.0095 0xb184  kbdclass - ok
21:54:37.0098 0xb184  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:54:37.0107 0xb184  kbdhid - ok
21:54:37.0110 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
21:54:37.0119 0xb184  KeyIso - ok
21:54:37.0123 0xb184  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:54:37.0131 0xb184  KSecDD - ok
21:54:37.0136 0xb184  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:54:37.0145 0xb184  KSecPkg - ok
21:54:37.0147 0xb184  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:54:37.0169 0xb184  ksthunk - ok
21:54:37.0177 0xb184  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:54:37.0204 0xb184  KtmRm - ok
21:54:37.0208 0xb184  [ 3BE0319D6F9D5A0C4DDD037E0E19FFD4, 587F5FF690A40DD5F3F59CF8FA8FC8691846633462EB8220367F5193F5401CBE ] l36wgps         C:\Windows\system32\DRIVERS\l36wgps64.sys
21:54:37.0216 0xb184  l36wgps - ok
21:54:37.0222 0xb184  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:54:37.0246 0xb184  LanmanServer - ok
21:54:37.0251 0xb184  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:54:37.0274 0xb184  LanmanWorkstation - ok
21:54:37.0279 0xb184  [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:54:37.0286 0xb184  LENOVO.CAMMUTE - ok
21:54:37.0290 0xb184  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:54:37.0297 0xb184  LENOVO.MICMUTE - ok
21:54:37.0299 0xb184  [ 93921A19D885755B9751C3744DBCB8FD, A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:54:37.0306 0xb184  LENOVO.TPKNRSVC - ok
21:54:37.0310 0xb184  [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM  C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
21:54:37.0319 0xb184  LENOVO.TVTVCAM - ok
21:54:37.0322 0xb184  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:54:37.0330 0xb184  Lenovo.VIRTSCRLSVC - ok
21:54:37.0333 0xb184  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:54:37.0356 0xb184  lltdio - ok
21:54:37.0363 0xb184  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:54:37.0389 0xb184  lltdsvc - ok
21:54:37.0392 0xb184  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:54:37.0414 0xb184  lmhosts - ok
21:54:37.0420 0xb184  [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:54:37.0430 0xb184  LMS - ok
21:54:37.0437 0xb184  [ 25F003B378E831514587DC6155781227, 7E68BED3721B9B917DDF215E572EEC4D1B30805CB8C274222450F65AA6B9D945 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
21:54:37.0448 0xb184  LSCWinService - ok
21:54:37.0452 0xb184  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:54:37.0460 0xb184  LSI_FC - ok
21:54:37.0464 0xb184  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:54:37.0472 0xb184  LSI_SAS - ok
21:54:37.0476 0xb184  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:54:37.0483 0xb184  LSI_SAS2 - ok
21:54:37.0487 0xb184  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:54:37.0496 0xb184  LSI_SCSI - ok
21:54:37.0500 0xb184  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:54:37.0523 0xb184  luafv - ok
21:54:37.0526 0xb184  [ FD998B716E1EBFE1174098FB9AA08635, FE010E7E3E583C3F3EC8D602B43C98CB91D047ED87E82B8D472E9C7391938E82 ] MacheenService  C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
21:54:37.0533 0xb184  MacheenService - ok
21:54:37.0538 0xb184  [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
21:54:37.0546 0xb184  mbamchameleon - ok
21:54:37.0549 0xb184  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:54:37.0555 0xb184  MBAMProtector - ok
21:54:37.0586 0xb184  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:54:37.0619 0xb184  MBAMScheduler - ok
21:54:37.0639 0xb184  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:54:37.0659 0xb184  MBAMService - ok
21:54:37.0664 0xb184  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:54:37.0672 0xb184  MBAMSwissArmy - ok
21:54:37.0675 0xb184  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:54:37.0682 0xb184  MBAMWebAccessControl - ok
21:54:37.0691 0xb184  [ 62732AF9512B911C330ACBBDBCC2F284, CBF2D4D21F96465FD693E2F3052675D1D7F23BE86098D08EF22E52D94E8C95E4 ] Mbm3CBus        C:\Windows\system32\DRIVERS\Mbm3CBus.sys
21:54:37.0704 0xb184  Mbm3CBus - ok
21:54:37.0712 0xb184  [ BDC2D259CA9CFCED092B3B0B8557322D, A2C50A5BAE7B3AB0C1D8057FD15DFAB3F8B653A8A8B78572926B9CCEE032A8EA ] Mbm3DevMt       C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
21:54:37.0724 0xb184  Mbm3DevMt - ok
21:54:37.0727 0xb184  [ E55689A5E9349182C24312EFC9DF09FB, 6FD98B61C764215402625412E9E3F214020257C09F25C3B21C70AA46EC39019D ] Mbm3mdfl        C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
21:54:37.0733 0xb184  Mbm3mdfl - ok
21:54:37.0743 0xb184  [ FC1059C857D7B1083086BE04DB5EE09C, BF55702BBB6A0152F63A30E0897C42ED3F51CC1AD78C49F3589D423591C031E8 ] Mbm3Mdm         C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
21:54:37.0756 0xb184  Mbm3Mdm - ok
21:54:37.0759 0xb184  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:54:37.0770 0xb184  Mcx2Svc - ok
21:54:37.0773 0xb184  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:54:37.0780 0xb184  megasas - ok
21:54:37.0790 0xb184  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:54:37.0800 0xb184  MegaSR - ok
21:54:37.0804 0xb184  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:54:37.0810 0xb184  MEIx64 - ok
21:54:37.0814 0xb184  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:54:37.0836 0xb184  MMCSS - ok
21:54:37.0839 0xb184  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:54:37.0861 0xb184  Modem - ok
21:54:37.0864 0xb184  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:54:37.0874 0xb184  monitor - ok
21:54:37.0877 0xb184  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:54:37.0884 0xb184  mouclass - ok
21:54:37.0887 0xb184  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:54:37.0895 0xb184  mouhid - ok
21:54:37.0899 0xb184  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:54:37.0907 0xb184  mountmgr - ok
21:54:37.0912 0xb184  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:54:37.0920 0xb184  mpio - ok
21:54:37.0925 0xb184  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:54:37.0948 0xb184  mpsdrv - ok
21:54:37.0962 0xb184  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:54:37.0996 0xb184  MpsSvc - ok
21:54:38.0001 0xb184  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:54:38.0011 0xb184  MRxDAV - ok
21:54:38.0015 0xb184  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:54:38.0025 0xb184  mrxsmb - ok
21:54:38.0032 0xb184  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:54:38.0044 0xb184  mrxsmb10 - ok
21:54:38.0049 0xb184  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:54:38.0058 0xb184  mrxsmb20 - ok
21:54:38.0062 0xb184  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:54:38.0069 0xb184  msahci - ok
21:54:38.0073 0xb184  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:54:38.0082 0xb184  msdsm - ok
21:54:38.0086 0xb184  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:54:38.0098 0xb184  MSDTC - ok
21:54:38.0102 0xb184  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:54:38.0124 0xb184  Msfs - ok
21:54:38.0126 0xb184  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:54:38.0148 0xb184  mshidkmdf - ok
21:54:38.0152 0xb184  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:54:38.0158 0xb184  msisadrv - ok
21:54:38.0163 0xb184  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:54:38.0187 0xb184  MSiSCSI - ok
21:54:38.0189 0xb184  msiserver - ok
21:54:38.0192 0xb184  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:54:38.0214 0xb184  MSKSSRV - ok
21:54:38.0216 0xb184  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:54:38.0238 0xb184  MSPCLOCK - ok
21:54:38.0240 0xb184  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:54:38.0263 0xb184  MSPQM - ok
21:54:38.0270 0xb184  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:54:38.0283 0xb184  MsRPC - ok
21:54:38.0287 0xb184  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:54:38.0294 0xb184  mssmbios - ok
21:54:38.0296 0xb184  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:54:38.0318 0xb184  MSTEE - ok
21:54:38.0322 0xb184  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:54:38.0330 0xb184  MTConfig - ok
21:54:38.0335 0xb184  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:54:38.0342 0xb184  Mup - ok
21:54:38.0348 0xb184  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:54:38.0358 0xb184  MyWiFiDHCPDNS - ok
21:54:38.0367 0xb184  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:54:38.0395 0xb184  napagent - ok
21:54:38.0402 0xb184  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:54:38.0418 0xb184  NativeWifiP - ok
21:54:38.0434 0xb184  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:54:38.0455 0xb184  NDIS - ok
21:54:38.0459 0xb184  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:54:38.0480 0xb184  NdisCap - ok
21:54:38.0483 0xb184  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:54:38.0505 0xb184  NdisTapi - ok
21:54:38.0508 0xb184  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:54:38.0530 0xb184  Ndisuio - ok
21:54:38.0534 0xb184  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:54:38.0557 0xb184  NdisWan - ok
21:54:38.0560 0xb184  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:54:38.0582 0xb184  NDProxy - ok
21:54:38.0585 0xb184  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:54:38.0607 0xb184  NetBIOS - ok
21:54:38.0613 0xb184  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:54:38.0638 0xb184  NetBT - ok
21:54:38.0641 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
21:54:38.0650 0xb184  Netlogon - ok
21:54:38.0657 0xb184  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:54:38.0685 0xb184  Netman - ok
21:54:38.0693 0xb184  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:38.0703 0xb184  NetMsmqActivator - ok
21:54:38.0707 0xb184  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:38.0717 0xb184  NetPipeActivator - ok
21:54:38.0726 0xb184  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:54:38.0754 0xb184  netprofm - ok
21:54:38.0758 0xb184  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:38.0768 0xb184  NetTcpActivator - ok
21:54:38.0772 0xb184  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:54:38.0782 0xb184  NetTcpPortSharing - ok
21:54:38.0955 0xb184  [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
21:54:39.0134 0xb184  NETwNs64 - ok
21:54:39.0148 0xb184  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:54:39.0156 0xb184  nfrd960 - ok
21:54:39.0162 0xb184  [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
21:54:39.0171 0xb184  NitroDriverReadSpool2 - ok
21:54:39.0178 0xb184  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:54:39.0190 0xb184  NlaSvc - ok
21:54:39.0193 0xb184  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:54:39.0216 0xb184  Npfs - ok
21:54:39.0218 0xb184  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:54:39.0241 0xb184  nsi - ok
21:54:39.0244 0xb184  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:54:39.0266 0xb184  nsiproxy - ok
21:54:39.0296 0xb184  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:54:39.0326 0xb184  Ntfs - ok
21:54:39.0330 0xb184  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:54:39.0353 0xb184  Null - ok
21:54:39.0552 0xb184  [ 23FDD36706F27B9BAECE11E6C1804F00, 999F7C22C1FF24B17BF4767FA701863F3F9D7483AA200A7DE709DE272DA45DC0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:54:39.0750 0xb184  nvlddmkm - ok
21:54:39.0795 0xb184  [ E024300408694566DDF65AB5E004F880, EE3B7863F993952308BFD8E4BB39F4D107BC94C0B97ED2A5BAAB8F4C9A6A67D0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:54:39.0828 0xb184  NvNetworkService - ok
21:54:39.0833 0xb184  [ 98B1C3093E7012691882111DB7978103, 94396175E50ADF087FE06167B9AF676ADB7C6629D5A8736EA7BC4AAD4F88AB47 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
21:54:39.0840 0xb184  nvpciflt - ok
21:54:39.0845 0xb184  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:54:39.0854 0xb184  nvraid - ok
21:54:39.0859 0xb184  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:54:39.0869 0xb184  nvstor - ok
21:54:39.0886 0xb184  [ D80BAD4DF433124BAAF4ED975723B387, 915DD9AF4A87B6C823DA8992BAAED0E06210E712CE8E7F940D2E8B8D345A6113 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:54:39.0909 0xb184  nvsvc - ok
21:54:39.0913 0xb184  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:54:39.0922 0xb184  nv_agp - ok
21:54:39.0926 0xb184  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:54:39.0935 0xb184  ohci1394 - ok
21:54:39.0943 0xb184  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:54:39.0956 0xb184  p2pimsvc - ok
21:54:39.0966 0xb184  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:54:39.0982 0xb184  p2psvc - ok
21:54:39.0985 0xb184  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:54:39.0997 0xb184  Parport - ok
21:54:40.0000 0xb184  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:54:40.0008 0xb184  partmgr - ok
21:54:40.0014 0xb184  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:54:40.0025 0xb184  PcaSvc - ok
21:54:40.0031 0xb184  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:54:40.0042 0xb184  pci - ok
21:54:40.0046 0xb184  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:54:40.0053 0xb184  pciide - ok
21:54:40.0058 0xb184  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:54:40.0068 0xb184  pcmcia - ok
21:54:40.0071 0xb184  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:54:40.0079 0xb184  pcw - ok
21:54:40.0091 0xb184  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:54:40.0109 0xb184  PEAUTH - ok
21:54:40.0132 0xb184  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:54:40.0161 0xb184  PeerDistSvc - ok
21:54:40.0182 0xb184  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:54:40.0192 0xb184  PerfHost - ok
21:54:40.0198 0xb184  [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
21:54:40.0205 0xb184  PHCORE - ok
21:54:40.0230 0xb184  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:54:40.0273 0xb184  pla - ok
21:54:40.0310 0xb184  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:54:40.0325 0xb184  PlugPlay - ok
21:54:40.0328 0xb184  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:54:40.0337 0xb184  PNRPAutoReg - ok
21:54:40.0345 0xb184  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:54:40.0358 0xb184  PNRPsvc - ok
21:54:40.0368 0xb184  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:54:40.0396 0xb184  PolicyAgent - ok
21:54:40.0402 0xb184  [ 97409FF50403E1E83E3455BEB2E258D3, C16D10CC41820C34E3C9BACB06285E57B7656AA9F6D6D15CD79A19DBAA046771 ] postgresql-x64-9.0 C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
21:54:40.0407 0xb184  postgresql-x64-9.0 - detected UnsignedFile.Multi.Generic ( 1 )
21:54:40.0407 0xb184  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - warning
21:54:50.0361 0xb184  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
21:54:50.0385 0xb184  Power - ok
21:54:50.0414 0xb184  [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:54:50.0444 0xb184  Power Manager DBC Service - ok
21:54:50.0450 0xb184  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:54:50.0472 0xb184  PptpMiniport - ok
21:54:50.0475 0xb184  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:54:50.0485 0xb184  Processor - ok
21:54:50.0492 0xb184  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:54:50.0503 0xb184  ProfSvc - ok
21:54:50.0507 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:54:50.0516 0xb184  ProtectedStorage - ok
21:54:50.0519 0xb184  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
21:54:50.0525 0xb184  psadd - ok
21:54:50.0529 0xb184  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:54:50.0552 0xb184  Psched - ok
21:54:50.0559 0xb184  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:54:50.0567 0xb184  PSI_SVC_2 - ok
21:54:50.0595 0xb184  [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc        C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
21:54:50.0626 0xb184  PwmEWSvc - ok
21:54:50.0652 0xb184  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:54:50.0681 0xb184  ql2300 - ok
21:54:50.0686 0xb184  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:54:50.0695 0xb184  ql40xx - ok
21:54:50.0701 0xb184  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:54:50.0716 0xb184  QWAVE - ok
21:54:50.0719 0xb184  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:54:50.0731 0xb184  QWAVEdrv - ok
21:54:50.0733 0xb184  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:54:50.0755 0xb184  RasAcd - ok
21:54:50.0758 0xb184  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:54:50.0780 0xb184  RasAgileVpn - ok
21:54:50.0787 0xb184  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:54:50.0814 0xb184  RasAuto - ok
21:54:50.0818 0xb184  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:54:50.0841 0xb184  Rasl2tp - ok
21:54:50.0849 0xb184  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:54:50.0879 0xb184  RasMan - ok
21:54:50.0883 0xb184  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:54:50.0906 0xb184  RasPppoe - ok
21:54:50.0911 0xb184  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:54:50.0935 0xb184  RasSstp - ok
21:54:50.0942 0xb184  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:54:50.0974 0xb184  rdbss - ok
21:54:50.0977 0xb184  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:54:50.0993 0xb184  rdpbus - ok
21:54:50.0996 0xb184  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:54:51.0026 0xb184  RDPCDD - ok
21:54:51.0033 0xb184  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:54:51.0045 0xb184  RDPDR - ok
21:54:51.0050 0xb184  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:54:51.0080 0xb184  RDPENCDD - ok
21:54:51.0085 0xb184  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:54:51.0107 0xb184  RDPREFMP - ok
21:54:51.0112 0xb184  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:54:51.0123 0xb184  RDPWD - ok
21:54:51.0129 0xb184  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:54:51.0139 0xb184  rdyboost - ok
21:54:51.0144 0xb184  [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:54:51.0152 0xb184  RegSrvc - ok
21:54:51.0156 0xb184  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:54:51.0181 0xb184  RemoteAccess - ok
21:54:51.0185 0xb184  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:54:51.0210 0xb184  RemoteRegistry - ok
21:54:51.0214 0xb184  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:54:51.0226 0xb184  RFCOMM - ok
21:54:51.0230 0xb184  [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys
21:54:51.0238 0xb184  risdxc - ok
21:54:51.0242 0xb184  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:54:51.0265 0xb184  RpcEptMapper - ok
21:54:51.0268 0xb184  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:54:51.0277 0xb184  RpcLocator - ok
21:54:51.0289 0xb184  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:54:51.0318 0xb184  RpcSs - ok
21:54:51.0322 0xb184  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:54:51.0344 0xb184  rspndr - ok
21:54:51.0347 0xb184  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:54:51.0355 0xb184  s3cap - ok
21:54:51.0357 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
21:54:51.0366 0xb184  SamSs - ok
21:54:51.0370 0xb184  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:54:51.0378 0xb184  sbp2port - ok
21:54:51.0383 0xb184  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:54:51.0408 0xb184  SCardSvr - ok
21:54:51.0411 0xb184  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:54:51.0432 0xb184  scfilter - ok
21:54:51.0451 0xb184  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:54:51.0489 0xb184  Schedule - ok
21:54:51.0494 0xb184  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:54:51.0516 0xb184  SCPolicySvc - ok
21:54:51.0521 0xb184  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:54:51.0532 0xb184  SDRSVC - ok
21:54:51.0535 0xb184  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:54:51.0557 0xb184  secdrv - ok
21:54:51.0560 0xb184  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:54:51.0584 0xb184  seclogon - ok
21:54:51.0587 0xb184  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:54:51.0611 0xb184  SENS - ok
21:54:51.0614 0xb184  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:54:51.0623 0xb184  SensrSvc - ok
21:54:51.0626 0xb184  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:54:51.0635 0xb184  Serenum - ok
21:54:51.0639 0xb184  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:54:51.0649 0xb184  Serial - ok
21:54:51.0651 0xb184  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:54:51.0661 0xb184  sermouse - ok
21:54:51.0668 0xb184  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:54:51.0692 0xb184  SessionEnv - ok
21:54:51.0695 0xb184  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:54:51.0705 0xb184  sffdisk - ok
21:54:51.0708 0xb184  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:54:51.0718 0xb184  sffp_mmc - ok
21:54:51.0721 0xb184  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:54:51.0730 0xb184  sffp_sd - ok
21:54:51.0733 0xb184  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:54:51.0742 0xb184  sfloppy - ok
21:54:51.0749 0xb184  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:54:51.0778 0xb184  SharedAccess - ok
21:54:51.0789 0xb184  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:54:51.0820 0xb184  ShellHWDetection - ok
21:54:51.0826 0xb184  [ 7AC6FBFC13ABA3F15B05986412D10E10, B93E0E18C9883BAE7238389B8E2E3D66CB925BD62B293625FF8B6C3AF4501EC8 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
21:54:51.0834 0xb184  Shockprf - ok
21:54:51.0838 0xb184  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:54:51.0848 0xb184  SiSRaid2 - ok
21:54:51.0852 0xb184  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:54:51.0862 0xb184  SiSRaid4 - ok
21:54:51.0866 0xb184  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:54:51.0893 0xb184  Smb - ok
21:54:51.0897 0xb184  smihlp2 - ok
21:54:51.0904 0xb184  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:54:51.0916 0xb184  SNMPTRAP - ok
21:54:51.0919 0xb184  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:54:51.0927 0xb184  spldr - ok
21:54:51.0940 0xb184  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:54:51.0960 0xb184  Spooler - ok
21:54:52.0020 0xb184  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:54:52.0099 0xb184  sppsvc - ok
21:54:52.0107 0xb184  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:54:52.0131 0xb184  sppuinotify - ok
21:54:52.0141 0xb184  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:54:52.0156 0xb184  srv - ok
21:54:52.0164 0xb184  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:54:52.0178 0xb184  srv2 - ok
21:54:52.0183 0xb184  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:54:52.0194 0xb184  srvnet - ok
21:54:52.0200 0xb184  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:54:52.0226 0xb184  SSDPSRV - ok
21:54:52.0229 0xb184  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:54:52.0253 0xb184  SstpSvc - ok
21:54:52.0257 0xb184  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:54:52.0264 0xb184  stexstor - ok
21:54:52.0275 0xb184  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:54:52.0296 0xb184  stisvc - ok
21:54:52.0300 0xb184  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:54:52.0307 0xb184  storflt - ok
21:54:52.0310 0xb184  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:54:52.0319 0xb184  StorSvc - ok
21:54:52.0322 0xb184  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:54:52.0330 0xb184  storvsc - ok
21:54:52.0335 0xb184  [ 1DF68711507D486946FCB58BDE5FE2FF, 2B89E4939466BA3F5715E6831675F3456533D6E45A12D6C13210BAC29AF9A844 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:54:52.0342 0xb184  SUService - ok
21:54:52.0345 0xb184  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:54:52.0351 0xb184  swenum - ok
21:54:52.0362 0xb184  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:54:52.0393 0xb184  swprv - ok
21:54:52.0402 0xb184  [ 883D2880144FD3ED9F1C04B5B5B9B562, 17C582DE9E614F3AFF76ED808358E1006A5AAFEDAE155F6FB527A1AEE3AFF3EF ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:54:52.0415 0xb184  SynTP - ok
21:54:52.0444 0xb184  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:54:52.0482 0xb184  SysMain - ok
21:54:52.0488 0xb184  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:54:52.0501 0xb184  TabletInputService - ok
21:54:52.0509 0xb184  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:54:52.0536 0xb184  TapiSrv - ok
21:54:52.0540 0xb184  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:54:52.0563 0xb184  TBS - ok
21:54:52.0595 0xb184  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:54:52.0630 0xb184  Tcpip - ok
21:54:52.0665 0xb184  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:54:52.0700 0xb184  TCPIP6 - ok
21:54:52.0708 0xb184  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:54:52.0717 0xb184  tcpipreg - ok
21:54:52.0720 0xb184  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:54:52.0729 0xb184  TDPIPE - ok
21:54:52.0732 0xb184  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:54:52.0739 0xb184  TDTCP - ok
21:54:52.0743 0xb184  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:54:52.0753 0xb184  tdx - ok
21:54:52.0756 0xb184  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:54:52.0764 0xb184  TermDD - ok
21:54:52.0776 0xb184  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:54:52.0795 0xb184  TermService - ok
21:54:52.0799 0xb184  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:54:52.0811 0xb184  Themes - ok
21:54:52.0816 0xb184  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:54:52.0839 0xb184  THREADORDER - ok
21:54:52.0841 0xb184  [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
21:54:52.0848 0xb184  TPDIGIMN - ok
21:54:52.0851 0xb184  [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
21:54:52.0858 0xb184  TPHDEXLGSVC - ok
21:54:52.0863 0xb184  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
21:54:52.0870 0xb184  TPHKLOAD - ok
21:54:52.0874 0xb184  [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
21:54:52.0882 0xb184  TPHKSVC - ok
21:54:52.0885 0xb184  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:54:52.0894 0xb184  TPM - ok
21:54:52.0897 0xb184  [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
21:54:52.0903 0xb184  TPPWRIF - ok
21:54:52.0907 0xb184  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:54:52.0931 0xb184  TrkWks - ok
21:54:52.0937 0xb184  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:54:52.0960 0xb184  TrustedInstaller - ok
21:54:52.0964 0xb184  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:54:52.0973 0xb184  tssecsrv - ok
21:54:52.0976 0xb184  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:54:52.0984 0xb184  TsUsbFlt - ok
21:54:52.0987 0xb184  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:54:52.0996 0xb184  TsUsbGD - ok
21:54:53.0000 0xb184  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:54:53.0022 0xb184  tunnel - ok
21:54:53.0025 0xb184  [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
21:54:53.0031 0xb184  TVTI2C - ok
21:54:53.0034 0xb184  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\Windows\system32\DRIVERS\tvtvcamd.sys
21:54:53.0041 0xb184  tvtvcamd - ok
21:54:53.0044 0xb184  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:54:53.0052 0xb184  uagp35 - ok
21:54:53.0059 0xb184  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:54:53.0085 0xb184  udfs - ok
21:54:53.0091 0xb184  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:54:53.0101 0xb184  UI0Detect - ok
21:54:53.0105 0xb184  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
21:54:53.0109 0xb184  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
21:54:53.0109 0xb184  Detect skipped due to KSN trusted
21:54:53.0109 0xb184  UleadBurningHelper - ok
21:54:53.0113 0xb184  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:54:53.0121 0xb184  uliagpkx - ok
21:54:53.0124 0xb184  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:54:53.0134 0xb184  umbus - ok
21:54:53.0136 0xb184  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:54:53.0145 0xb184  UmPass - ok
21:54:53.0151 0xb184  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:54:53.0163 0xb184  UmRdpService - ok
21:54:53.0172 0xb184  [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:54:53.0183 0xb184  UNS - ok
21:54:53.0191 0xb184  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:54:53.0219 0xb184  upnphost - ok
21:54:53.0224 0xb184  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:54:53.0234 0xb184  usbaudio - ok
21:54:53.0238 0xb184  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:54:53.0247 0xb184  usbccgp - ok
21:54:53.0251 0xb184  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:54:53.0261 0xb184  usbcir - ok
21:54:53.0264 0xb184  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:54:53.0273 0xb184  usbehci - ok
21:54:53.0281 0xb184  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:54:53.0295 0xb184  usbhub - ok
21:54:53.0298 0xb184  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:54:53.0306 0xb184  usbohci - ok
21:54:53.0309 0xb184  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:54:53.0319 0xb184  usbprint - ok
21:54:53.0323 0xb184  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:54:53.0333 0xb184  USBSTOR - ok
21:54:53.0336 0xb184  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:54:53.0345 0xb184  usbuhci - ok
21:54:53.0350 0xb184  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:54:53.0361 0xb184  usbvideo - ok
21:54:53.0364 0xb184  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:54:53.0387 0xb184  UxSms - ok
21:54:53.0390 0xb184  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
21:54:53.0399 0xb184  VaultSvc - ok
21:54:53.0402 0xb184  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:54:53.0409 0xb184  vdrvroot - ok
21:54:53.0420 0xb184  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:54:53.0449 0xb184  vds - ok
21:54:53.0452 0xb184  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:54:53.0463 0xb184  vga - ok
21:54:53.0466 0xb184  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:54:53.0487 0xb184  VgaSave - ok
21:54:53.0492 0xb184  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:54:53.0502 0xb184  vhdmp - ok
21:54:53.0505 0xb184  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:54:53.0512 0xb184  viaide - ok
21:54:53.0516 0xb184  [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService   C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
21:54:53.0523 0xb184  VIPAppService - ok
21:54:53.0529 0xb184  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:54:53.0539 0xb184  vmbus - ok
21:54:53.0541 0xb184  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:54:53.0550 0xb184  VMBusHID - ok
21:54:53.0553 0xb184  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:54:53.0561 0xb184  volmgr - ok
21:54:53.0569 0xb184  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:54:53.0580 0xb184  volmgrx - ok
21:54:53.0588 0xb184  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:54:53.0599 0xb184  volsnap - ok
21:54:53.0603 0xb184  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:54:53.0613 0xb184  vsmraid - ok
21:54:53.0640 0xb184  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:54:53.0685 0xb184  VSS - ok
21:54:53.0691 0xb184  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:54:53.0701 0xb184  vwifibus - ok
21:54:53.0704 0xb184  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:54:53.0716 0xb184  vwififlt - ok
21:54:53.0718 0xb184  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:54:53.0730 0xb184  vwifimp - ok
21:54:53.0738 0xb184  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:54:53.0765 0xb184  W32Time - ok
21:54:53.0770 0xb184  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:54:53.0779 0xb184  WacomPen - ok
21:54:53.0782 0xb184  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:54:53.0805 0xb184  WANARP - ok
21:54:53.0808 0xb184  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:54:53.0830 0xb184  Wanarpv6 - ok
21:54:53.0852 0xb184  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:54:53.0877 0xb184  WatAdminSvc - ok
21:54:53.0903 0xb184  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:54:53.0934 0xb184  wbengine - ok
21:54:53.0941 0xb184  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:54:53.0955 0xb184  WbioSrvc - ok
21:54:53.0963 0xb184  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:54:53.0981 0xb184  wcncsvc - ok
21:54:53.0984 0xb184  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:54:53.0994 0xb184  WcsPlugInService - ok
21:54:53.0996 0xb184  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:54:54.0003 0xb184  Wd - ok
21:54:54.0017 0xb184  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:54:54.0036 0xb184  Wdf01000 - ok
21:54:54.0041 0xb184  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:54:54.0050 0xb184  WdiServiceHost - ok
21:54:54.0054 0xb184  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:54:54.0063 0xb184  WdiSystemHost - ok
21:54:54.0070 0xb184  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:54:54.0083 0xb184  WebClient - ok
21:54:54.0089 0xb184  [ 507D80C0ACCC3B4FC123BD99D0AF3F97, 09AF6BBAFEA01B0A108C2EFE019F3D8ACA89C2C9D2DEB5F7E83F4E9971BAD338 ] WebUpdate4      C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
21:54:54.0099 0xb184  WebUpdate4 - ok
21:54:54.0105 0xb184  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:54:54.0130 0xb184  Wecsvc - ok
21:54:54.0135 0xb184  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:54:54.0159 0xb184  wercplsupport - ok
21:54:54.0163 0xb184  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:54:54.0186 0xb184  WerSvc - ok
21:54:54.0189 0xb184  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:54:54.0211 0xb184  WfpLwf - ok
21:54:54.0214 0xb184  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:54:54.0221 0xb184  WIMMount - ok
21:54:54.0223 0xb184  WinDefend - ok
21:54:54.0227 0xb184  WinHttpAutoProxySvc - ok
21:54:54.0237 0xb184  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:54:54.0263 0xb184  Winmgmt - ok
21:54:54.0296 0xb184  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:54:54.0337 0xb184  WinRM - ok
21:54:54.0347 0xb184  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
21:54:54.0358 0xb184  WinUsb - ok
21:54:54.0375 0xb184  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:54:54.0400 0xb184  Wlansvc - ok
21:54:54.0404 0xb184  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:54:54.0411 0xb184  wlcrasvc - ok
21:54:54.0448 0xb184  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:54:54.0487 0xb184  wlidsvc - ok
21:54:54.0494 0xb184  WMCoreService - ok
21:54:54.0496 0xb184  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:54:54.0505 0xb184  WmiAcpi - ok
21:54:54.0513 0xb184  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:54:54.0525 0xb184  wmiApSrv - ok
21:54:54.0527 0xb184  WMPNetworkSvc - ok
21:54:54.0531 0xb184  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:54:54.0543 0xb184  WPCSvc - ok
21:54:54.0547 0xb184  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:54:54.0559 0xb184  WPDBusEnum - ok
21:54:54.0562 0xb184  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:54:54.0586 0xb184  ws2ifsl - ok
21:54:54.0590 0xb184  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:54:54.0604 0xb184  wscsvc - ok
21:54:54.0606 0xb184  WSearch - ok
21:54:54.0648 0xb184  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:54:54.0701 0xb184  wuauserv - ok
21:54:54.0710 0xb184  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:54:54.0720 0xb184  WudfPf - ok
21:54:54.0727 0xb184  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:54:54.0738 0xb184  WUDFRd - ok
21:54:54.0744 0xb184  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:54:54.0756 0xb184  wudfsvc - ok
21:54:54.0762 0xb184  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:54:54.0777 0xb184  WwanSvc - ok
21:54:54.0784 0xb184  [ 747DA6EE261B3760201D7738E0FD59B8, B32F8CB8F112FA1C067AEE1615882C6FAFAB671347A44E37C4B476DF3DC7B430 ] WwanUsbServ     C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
21:54:54.0794 0xb184  WwanUsbServ - ok
21:54:54.0839 0xb184  [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:54:54.0884 0xb184  ZeroConfigService - ok
21:54:54.0896 0xb184  ================ Scan global ===============================
21:54:54.0898 0xb184  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:54:54.0904 0xb184  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:54:54.0912 0xb184  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:54:54.0918 0xb184  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:54:54.0925 0xb184  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:54:54.0930 0xb184  [ Global ] - ok
21:54:54.0931 0xb184  ================ Scan MBR ==================================
21:54:54.0932 0xb184  [ 705D35B546D81DCED3CD1F931CCB07ED ] \Device\Harddisk0\DR0
21:54:55.0030 0xb184  \Device\Harddisk0\DR0 - ok
21:54:55.0034 0xb184  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
21:54:55.0096 0xb184  \Device\Harddisk1\DR2 - ok
21:54:55.0096 0xb184  ================ Scan VBR ==================================
21:54:55.0100 0xb184  [ B5B43437C04F6EEF589300D433D64A87 ] \Device\Harddisk0\DR0\Partition1
21:54:55.0102 0xb184  \Device\Harddisk0\DR0\Partition1 - ok
21:54:55.0106 0xb184  [ DD96E4E79F20B2BADBE7FD27252456D5 ] \Device\Harddisk0\DR0\Partition2
21:54:55.0107 0xb184  \Device\Harddisk0\DR0\Partition2 - ok
21:54:55.0112 0xb184  [ 19191C7AA2D63FA6431A219C069E77B0 ] \Device\Harddisk0\DR0\Partition3
21:54:55.0114 0xb184  \Device\Harddisk0\DR0\Partition3 - ok
21:54:55.0118 0xb184  [ F1192BD8A99063C5E8D01E8850DEF1EA ] \Device\Harddisk1\DR2\Partition1
21:54:55.0122 0xb184  \Device\Harddisk1\DR2\Partition1 - ok
21:54:55.0122 0xb184  ================ Scan generic autorun ======================
21:54:55.0122 0xb184  SynTPEnh - ok
21:54:55.0136 0xb184  [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe
21:54:55.0152 0xb184  TpShocks - ok
21:54:55.0159 0xb184  [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
21:54:55.0171 0xb184  LENOVO.TPKNRRES - ok
21:54:55.0174 0xb184  [ 3D0AA1C5F67BAC9ED036FB6C815562C6, 6563601CAFA7BC11DD6FD666195C0DA58E646D685C6F5063081086C96F8A9F43 ] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
21:54:55.0181 0xb184  AcWin7Hlpr - ok
21:54:55.0190 0xb184  [ A56AC97C6C72141B334763CD3C77C76F, 57BB0DAC3463A0CEAB74052EC04EA1B6F3F757DFBCA00143C34360EC6BC69A06 ] C:\Program Files\Greenshot\Greenshot.exe
21:54:55.0200 0xb184  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
21:54:55.0200 0xb184  Detect skipped due to KSN trusted
21:54:55.0200 0xb184  Greenshot - ok
21:54:55.0204 0xb184  [ 2C8518B622C6429480507F24C21B6223, BA2FF253A3F6C53F4C24903DF406FFB37121792A49E29A5A58E753E62321C312 ] C:\Windows\system32\igfxtray.exe
21:54:55.0213 0xb184  IgfxTray - ok
21:54:55.0221 0xb184  [ 2700358647B5F0253756BF41564586E1, 859ECC17AAADCDAB6ED96FEC372522B69C44C50B7781F29B2B0EAAF13FD0C803 ] C:\Windows\system32\hkcmd.exe
21:54:55.0233 0xb184  HotKeysCmds - ok
21:54:55.0241 0xb184  [ 8D42A43CE49736478BF6FCE9DD3383CB, 7D1A7D4CAF468815BD8BFD324E60956F8A7B12E9714A0064742F403474C03E44 ] C:\Windows\system32\igfxpers.exe
21:54:55.0253 0xb184  Persistence - ok
21:54:55.0458 0xb184  [ 047D94A22B47AF83DDE4E32BB4E06D0A, CB9257995C67A1A44D6D316C36D3AAEF639BFD51A26C699D70FD047C45440CA5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:54:55.0660 0xb184  RTHDVCPL - ok
21:54:55.0692 0xb184  [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:54:55.0717 0xb184  RtHDVBg_Dolby - ok
21:54:55.0759 0xb184  [ C08AF3D7162084119A3089D40240E592, B68F51E176A1193496108E60999C96656A166B7868A6C403B329AA2DBA3EAFD2 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:54:55.0802 0xb184  NvBackend - ok
21:54:55.0808 0xb184  [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
21:54:55.0812 0xb184  RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
21:54:55.0812 0xb184  Detect skipped due to KSN trusted
21:54:55.0812 0xb184  RotateImage - ok
21:54:55.0819 0xb184  [ 6BA8D86746935498D64CB5CF6286F2EB, E47D1DEE39451428344233DB15412BCB486C4F6FE1D0426F20AA4C6245387926 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:54:55.0829 0xb184  USB3MON - ok
21:54:55.0833 0xb184  [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:54:55.0841 0xb184  IMSS - ok
21:54:55.0843 0xb184  PWMTRV - ok
21:54:55.0859 0xb184  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:54:55.0879 0xb184  Adobe ARM - ok
21:54:55.0884 0xb184  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
21:54:55.0892 0xb184  Intel AppUp(SM) center - ok
21:54:55.0960 0xb184  [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
21:54:56.0032 0xb184  Lenovo Registration - ok
21:54:56.0051 0xb184  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:54:56.0067 0xb184  avgnt - ok
21:54:56.0071 0xb184  [ 0360ACCC97132C5051189C9D9370309E, 113CE9B2B7FE1E0C6A0937E05E157BC98C7142F01E1D1EAA2A905A8D6B8E967D ] C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe
21:54:56.0080 0xb184  MobileAccess - ok
21:54:56.0089 0xb184  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
21:54:56.0102 0xb184  Dolby Home Theater v4 - ok
21:54:56.0122 0xb184  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:54:56.0149 0xb184  Sidebar - ok
21:54:56.0153 0xb184  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:54:56.0166 0xb184  mctadmin - ok
21:54:56.0186 0xb184  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:54:56.0213 0xb184  Sidebar - ok
21:54:56.0216 0xb184  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:54:56.0230 0xb184  mctadmin - ok
21:54:56.0233 0xb184  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:54:56.0240 0xb184  swg - ok
21:54:56.0260 0xb184  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:54:56.0285 0xb184  Sidebar - ok
21:54:56.0289 0xb184  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:54:56.0295 0xb184  swg - ok
21:54:56.0298 0xb184  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:54:56.0312 0xb184  mctadmin - ok
21:54:56.0312 0xb184  Lenovo.ShowBand - ok
21:54:56.0317 0xb184  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41000 ( enabled : updated )
21:54:56.0319 0xb184  Win FW state via NFP2: enabled
21:55:06.0132 0xb184  ============================================================
21:55:06.0132 0xb184  Scan finished
21:55:06.0132 0xb184  ============================================================
21:55:06.0136 0xb62c  Detected object count: 1
21:55:06.0137 0xb62c  Actual detected object count: 1
21:55:28.0469 0xb62c  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - skipped by user
21:55:28.0469 0xb62c  postgresql-x64-9.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.21.06
  rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
will :: WILL-THINK [administrator]

21.03.2015 21:59:46
mbar-log-2015-03-21 (21-59-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 422927
Time elapsed: 6 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

schrauber · 23.03.2015, 08:02

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

fatalerror · 23.03.2015, 12:57

Vielen Dank für die ganze Hilfe!!!

Hier die Log von Combofix. Beim Neustarten gab es keine Probleme.

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 15-03-23.01 - will 23.03.2015  11:20:36.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16081.11775 [GMT 1:00]
ausgeführt von:: c:\users\will\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini
c:\programdata\Roaming
c:\users\will\AppData\Local\TempFullTiltPokerEuSetup.exe
c:\users\will\AppData\Local\TempFullTiltUkSetup.exe
c:\users\will\AppData\Roaming\Roaming
c:\users\will\AppData\Roaming\Roaming\HoldemManager\config\FTPRushTables.xml
Q:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-02-23 bis 2015-03-23  ))))))))))))))))))))))))))))))
.
.
2015-03-23 10:46 . 2015-03-23 10:46	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2015-03-23 10:46 . 2015-03-23 10:46	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-03-21 20:59 . 2015-03-21 21:08	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-03-21 10:05 . 2015-03-21 10:07	--------	d-----w-	C:\FRST
2015-03-20 08:59 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{9DFA9E1F-6491-491D-9E0A-4B49E1A29C68}\mpengine.dll
2015-03-18 13:34 . 2015-03-23 11:05	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-18 13:33 . 2015-03-21 20:58	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-03-18 13:33 . 2015-03-18 13:33	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-03-18 13:33 . 2015-03-18 13:33	--------	d-----w-	c:\programdata\Malwarebytes
2015-03-18 13:33 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-03-18 13:33 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-03-12 12:29 . 2015-03-06 05:56	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-03-03 20:54 . 2015-01-09 03:14	91136	----a-w-	c:\windows\system32\wdi.dll
2015-03-03 20:54 . 2015-01-09 03:14	950272	----a-w-	c:\windows\system32\perftrack.dll
2015-03-03 20:54 . 2015-01-09 03:14	29696	----a-w-	c:\windows\system32\powertracker.dll
2015-03-03 20:54 . 2015-01-09 02:48	76800	----a-w-	c:\windows\SysWow64\wdi.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-15 08:15 . 2013-01-21 13:05	122905848	----a-w-	c:\windows\system32\MRT.exe
2015-03-05 09:31 . 2013-05-06 10:32	44088	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-03-05 09:31 . 2013-03-20 10:37	132120	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-03-05 09:31 . 2013-03-20 10:37	128536	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-02-24 02:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-05 09:16 . 2014-02-11 16:14	989568	----a-w-	c:\windows\system32\nvumdshimx.dll
2015-02-05 09:16 . 2014-02-11 16:14	872856	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2015-02-05 09:16 . 2014-02-11 16:14	3264832	----a-w-	c:\windows\system32\nvapi64.dll
2015-02-05 09:16 . 2014-02-11 16:14	174856	----a-w-	c:\windows\system32\nvinitx.dll
2015-02-05 09:16 . 2014-02-11 16:14	156840	----a-w-	c:\windows\SysWow64\nvinit.dll
2015-02-04 20:29 . 2014-02-11 16:17	6898832	----a-w-	c:\windows\system32\nvcpl.dll
2015-02-04 20:29 . 2014-02-11 16:17	3533512	----a-w-	c:\windows\system32\nvsvc64.dll
2015-02-04 20:29 . 2014-02-11 16:17	934216	----a-w-	c:\windows\system32\nvvsvc.exe
2015-02-04 20:29 . 2014-02-11 16:17	2557640	----a-w-	c:\windows\system32\nvsvcr.dll
2015-02-04 20:29 . 2014-02-11 16:17	61640	----a-w-	c:\windows\system32\nvshext.dll
2015-02-04 20:29 . 2014-02-11 16:17	624968	----a-w-	c:\windows\SysWow64\oemdspif.dll
2015-02-04 20:29 . 2014-02-11 16:17	73928	----a-w-	c:\windows\system32\nv3dappshextr.dll
2015-02-04 20:29 . 2014-02-11 16:17	384200	----a-w-	c:\windows\system32\nvmctray.dll
2015-02-04 20:29 . 2014-02-11 16:17	1093960	----a-w-	c:\windows\system32\nv3dappshext.dll
2015-02-04 06:48 . 2014-02-11 16:17	4229548	----a-w-	c:\windows\system32\nvcoproc.bin
2015-02-04 03:16 . 2015-02-11 07:55	609280	----a-w-	c:\windows\system32\generaltel.dll
2015-02-04 03:16 . 2015-02-11 07:55	762368	----a-w-	c:\windows\system32\invagent.dll
2015-02-04 03:16 . 2015-02-11 07:55	414720	----a-w-	c:\windows\system32\devinv.dll
2015-02-04 03:16 . 2015-02-11 07:55	894976	----a-w-	c:\windows\system32\appraiser.dll
2015-02-04 03:16 . 2015-02-11 07:55	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-02-04 03:16 . 2015-02-11 07:55	192000	----a-w-	c:\windows\system32\aepic.dll
2015-02-04 03:13 . 2015-02-11 07:55	1098752	----a-w-	c:\windows\system32\aeinv.dll
2015-01-27 23:36 . 2015-02-11 07:55	1239720	----a-w-	c:\windows\system32\aitstatic.exe
2015-01-25 21:30 . 2014-11-01 09:36	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-13 14:20 . 2015-01-09 16:13	113440	----a-w-	c:\programdata\Microsoft\VCExpress\10.0\1031\ResourceCache.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-11-30 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-04-19 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-28 133400]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-15 5941344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-13 4351712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-03-19 704512]
"MobileAccess"="c:\program files (x86)\Lenovo\MobileAccess\MobileAccess.exe" [2013-04-17 155864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-08-31 508656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2012-4-1 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\ACF.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\bwincom.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\casino.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\EmpirePokerMaster.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\FullTiltPoker.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\FullTiltPokerEU.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\FullTiltUK.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\Gamebookers.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\mppoker.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\PartyGaming.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\PMU.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\PokerStars.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\WPT.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\ThinkPad\Bluetooth Software\BtwProximityCP.dll c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys;c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 MacheenService;Macheen Service;c:\program files (x86)\Lenovo\MobileAccess\MacheenService.exe;c:\program files (x86)\Lenovo\MobileAccess\MacheenService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 postgresql-x64-9.0;postgresql-x64-9.0 - PostgreSQL Server 9.0;c:\program files\PostgreSQL\9.0\bin\pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w;c:\program files\PostgreSQL\9.0\bin\pg_ctl.exe runservice -N postgresql-x64-9.0 -D C:/Program Files/PostgreSQL/9.0/data -w [x]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdxc64.sys [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x]
S2 WebUpdate4;Web Update Wizard Service V4;c:\program files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe;c:\program files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [x]
S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x]
S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 l36wgps; Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\l36wgps64.sys;c:\windows\SYSNATIVE\DRIVERS\l36wgps64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 Mbm3CBus;H5321 gw Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x]
S3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x]
S3 Mbm3mdfl; Mobile Broadband Modem Port Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x]
S3 Mbm3Mdm; Mobile Broadband Modem Port Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-21 19:35	1061704	----a-w-	c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 09:17]
.
2015-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39	463952	----a-w-	c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39	463952	----a-w-	c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39	463952	----a-w-	c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39	463952	----a-w-	c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2012-02-24 382528]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-06-01 290160]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2012-05-30 64608]
"Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2013-05-20 499712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-03 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-03 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-03 441152]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-09-13 13653208]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-08-30 1321688]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-07 2464072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACF.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bwincom.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\casino.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EmpirePokerMaster.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FullTiltPoker.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FullTiltPokerEU.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FullTiltUK.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Gamebookers.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mppoker.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PartyGaming.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMU.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PokerStars.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WPT.exe]
"debugger"=c:\program files (x86)\Tilt Breaker\rundll32.exe
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{5A717EF3-4720-4536-AF7F-0B199AB123D5}: NameServer = 195.230.105.134 195.230.105.135
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-24hPoker (Poker) - c:\microgaming\Poker\24hpokerMPP\install.exe
AddRemove-unibetpoker (Poker) - c:\microgaming\Poker\unibetpokerMPP\install.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.0]
"ImagePath"="\"c:\program files\PostgreSQL\9.0\bin\pg_ctl.exe\" runservice -N \"postgresql-x64-9.0\" -D \"C:/Program Files/PostgreSQL/9.0/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
   bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Lenovo\Lenovo Solution Center\LSCNotify.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-03-23  12:18:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-03-23 11:17
.
Vor Suchlauf: 20 Verzeichnis(se), 37.449.179.136 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 38.215.147.520 Bytes frei
.
- - End Of File - - 10DBDA624DB9ED88BC1168DF5B6E976E

--- --- ---

schrauber · 23.03.2015, 20:12

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

fatalerror · 24.03.2015, 23:36

Erneut vielen Dank für die ganze Hilfe. Hier sind die ganzen Logs

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 24.03.2015
Suchlauf-Zeit: 22:37:38
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.03.24.08
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: will

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 420130
Verstrichene Zeit: 5 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

# AdwCleaner v4.113 - Bericht erstellt 24/03/2015 um 22:54:19
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-23.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : will - WILL-THINK
# Gestarted von : C:\Users\will\Downloads\AdwCleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Windows\Util

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [1775 Bytes] - [24/03/2015 22:50:18]
AdwCleaner[S0].txt - [1689 Bytes] - [24/03/2015 22:54:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1748  Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Professional x64
Ran by will on 24.03.2015 at 23:03:31,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\will\appdata\local\{64AAB6AA-32E2-4194-968E-EE75895DFF21}
Successfully deleted: [Empty Folder] C:\Users\will\appdata\local\{C45BF835-FF66-4754-BBD3-C4D0A690AEB1}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2015 at 23:07:53,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by will (administrator) on WILL-THINK on 24-03-2015 23:16:27
Running from C:\Users\will\Downloads
Loaded Profiles: will & postgres (Available profiles: will & postgres)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Data Perceptions / PowerProgrammer) C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
() C:\Program Files (x86)\Tilt Breaker\rundll64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Macheen) C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Farbar) C:\Users\will\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [64608 2012-05-30] (Lenovo)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [499712 2013-05-20] (Greenshot)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-19] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [MobileAccess] => C:\Program Files (x86)\Lenovo\MobileAccess\MobileAccess.exe [155864 2013-04-17] (Lenovo)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-30] (Google Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-30] (Google Inc.)
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [Lenovo.ShowBand] => C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe /show
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [] => [X]
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\RunOnce: [Lenovoautoqdrive] => C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutorunreg.exe [159744 2011-12-15] ()
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\MountPoints2: {e12005c8-3ab5-11e2-aac9-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-05] (NVIDIA Corporation)
IFEO\ACF.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\bwincom.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\casino.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\EmpirePokerMaster.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltPoker.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltPokerEU.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\FullTiltUK.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\Gamebookers.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\mppoker.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PartyGaming.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PMU.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\PokerStars.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
IFEO\WPT.exe: [Debugger] C:\Program Files (x86)\Tilt Breaker\rundll32.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1349373112-78878798-3739382671-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1349373112-78878798-3739382671-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deGI519
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-19] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1349373112-78878798-3739382671-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5A717EF3-4720-4536-AF7F-0B199AB123D5}: [NameServer] 195.230.105.134 195.230.105.135

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-11-30]

Chrome: 
=======
CHR Profile: C:\Users\will\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-13]
CHR Extension: (Google Drive) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-13]
CHR Extension: (YouTube) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-13]
CHR Extension: (Google Search) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-13]
CHR Extension: (Avira Browser Safety) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\will\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-13]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 MacheenService; C:\Program Files (x86)\Lenovo\MobileAccess\MacheenService.exe [32480 2013-04-17] (Macheen)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-07] (NVIDIA Corporation)
R2 postgresql-x64-9.0; C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe [110592 2014-04-09] (PostgreSQL Global Development Group) [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [49648 2015-01-15] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 WebUpdate4; C:\Program Files (x86)\Lenovo\MobileAccess\WebUpdateSvc4.exe [278800 2013-01-16] (Data Perceptions / PowerProgrammer)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [655400 2012-02-03] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-08-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-08-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-08-22] (MCCI Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 23:16 - 2015-03-24 23:16 - 00026581 _____ () C:\Users\will\Downloads\FRST.txt
2015-03-24 23:15 - 2015-03-24 23:15 - 02095616 _____ (Farbar) C:\Users\will\Downloads\FRST64 (1).exe
2015-03-24 23:07 - 2015-03-24 23:07 - 00000836 _____ () C:\Users\will\Desktop\JRT.txt
2015-03-24 23:02 - 2015-03-24 23:02 - 01388782 _____ (Thisisu) C:\Users\will\Downloads\JRT.exe
2015-03-24 22:56 - 2015-03-24 22:56 - 00001836 _____ () C:\Users\will\Desktop\AdwCleaner[S0].txt
2015-03-24 22:49 - 2015-03-24 22:54 - 00000000 ____D () C:\AdwCleaner
2015-03-24 22:48 - 2015-03-24 22:48 - 02168320 _____ () C:\Users\will\Downloads\AdwCleaner_4.113.exe
2015-03-24 22:46 - 2015-03-24 22:46 - 00001207 _____ () C:\Users\will\Desktop\mbam.txt
2015-03-24 22:34 - 2015-03-24 22:35 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\will\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-23 12:18 - 2015-03-23 12:18 - 00032339 _____ () C:\ComboFix.txt
2015-03-23 11:19 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 11:19 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 11:19 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 11:19 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 11:19 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 11:19 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 11:19 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 11:19 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 11:15 - 2015-03-23 12:19 - 00000000 ____D () C:\Qoobox
2015-03-23 11:15 - 2015-03-23 12:14 - 00000000 ____D () C:\Windows\erdnt
2015-03-23 11:14 - 2015-03-23 11:15 - 05616289 ____R (Swearware) C:\Users\will\Downloads\ComboFix.exe
2015-03-21 21:59 - 2015-03-21 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-21 21:52 - 2015-03-21 22:07 - 00000000 ____D () C:\Users\will\Desktop\mbar
2015-03-21 21:51 - 2015-03-21 21:52 - 16502728 _____ (Malwarebytes Corp.) C:\Users\will\Downloads\mbar-1.09.1.1004.exe
2015-03-21 11:05 - 2015-03-24 23:16 - 00000000 ____D () C:\FRST
2015-03-21 11:05 - 2015-03-21 11:05 - 02095616 _____ (Farbar) C:\Users\will\Downloads\FRST64.exe
2015-03-18 14:34 - 2015-03-24 23:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-18 14:33 - 2015-03-24 22:36 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-18 14:33 - 2015-03-24 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-18 14:33 - 2015-03-24 22:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-18 14:33 - 2015-03-18 14:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-18 14:33 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-18 14:33 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-18 14:33 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-18 14:31 - 2015-03-18 14:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\will\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Windows\SysWOW64\NV
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Windows\system32\NV
2015-03-18 11:53 - 2015-03-18 11:53 - 00000000 ____D () C:\Users\will\AppData\Local\NVIDIA
2015-03-18 11:53 - 2015-02-05 10:16 - 31893704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 24557768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 20989664 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 19972512 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 18518392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 16890288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 14034224 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 13945976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 13045960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-18 11:53 - 2015-02-05 10:16 - 11398960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 11336944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 04292424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 04012744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 02876688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434520.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 01556680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434520.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00963784 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00934600 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00923848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00900240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-18 11:53 - 2015-02-05 10:16 - 00031560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-03-14 22:27 - 2015-03-15 00:48 - 00000000 ____D () C:\Users\will\Desktop\Neuer Ordner
2015-03-12 13:30 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 13:30 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-12 13:30 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-12 13:30 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-12 13:30 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 13:30 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-12 13:30 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-12 13:30 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-12 13:30 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 13:30 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-12 13:30 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-12 13:30 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-12 13:30 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-12 13:30 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-12 13:30 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-12 13:30 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-12 13:30 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-12 13:30 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-12 13:30 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-12 13:30 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-12 13:30 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-12 13:30 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-12 13:30 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-12 13:30 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-12 13:30 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-12 13:30 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-12 13:30 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-12 13:30 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-12 13:30 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-12 13:30 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-12 13:30 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-12 13:30 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-12 13:30 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-12 13:30 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-12 13:30 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-12 13:30 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-12 13:29 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 13:29 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-12 13:29 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-12 13:29 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-12 13:29 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-12 13:29 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-12 13:29 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-12 13:29 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 13:29 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-12 13:29 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-12 13:29 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-12 13:29 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-12 13:29 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 13:29 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-12 13:29 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 13:29 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 13:29 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-12 13:29 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-12 13:29 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-12 13:29 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-12 13:29 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-12 13:29 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-12 13:29 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-12 13:29 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-12 13:29 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-12 13:29 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-12 13:29 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 13:29 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-12 13:29 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-12 13:29 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-12 13:29 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-12 13:29 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-12 13:29 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-12 13:29 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-12 13:29 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-12 13:29 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-12 13:29 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-12 13:29 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-12 13:29 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-12 13:29 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 13:29 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-12 13:29 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-12 13:29 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 13:29 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-12 13:29 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-12 13:29 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-12 13:29 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-12 13:29 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-12 13:29 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-12 13:29 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-12 13:29 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-12 13:29 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-12 13:29 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-12 13:29 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-12 13:29 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-12 13:29 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-12 13:29 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-12 13:29 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-12 13:29 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-12 13:29 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-12 13:29 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-12 13:29 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-12 13:29 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-12 13:29 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-12 13:29 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-12 13:29 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-12 13:29 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-12 13:29 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-12 13:29 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-12 13:29 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-12 13:29 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 13:29 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-12 13:29 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 13:29 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-12 13:29 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 13:29 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 13:29 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:54 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:54 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-26 00:45 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 00:45 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 23:16 - 2012-11-30 16:14 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-24 23:16 - 2012-11-30 16:14 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-24 23:16 - 2012-11-30 07:33 - 01247046 _____ () C:\Windows\WindowsUpdate.log
2015-03-24 23:16 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 23:10 - 2009-07-14 05:51 - 00167899 _____ () C:\Windows\setupact.log
2015-03-24 23:06 - 2009-07-14 05:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-24 23:06 - 2009-07-14 05:45 - 00034432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-24 23:02 - 2013-01-04 22:55 - 00000000 ____D () C:\Users\will\AppData\Roaming\Nitro PDF
2015-03-24 23:00 - 2012-11-30 07:34 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-24 22:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-24 22:48 - 2014-11-03 19:00 - 00000000 ____D () C:\Users\will\AppData\Local\PokerStars.UK
2015-03-24 22:34 - 2012-11-30 07:34 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-24 22:31 - 2014-05-23 15:21 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2015-03-24 22:10 - 2013-01-04 17:27 - 00000000 ____D () C:\Users\will\AppData\Local\MobileAccess
2015-03-24 10:45 - 2013-01-15 16:22 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2015-03-23 12:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-23 12:06 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-23 12:04 - 2010-11-21 04:47 - 00552408 _____ () C:\Windows\PFRO.log
2015-03-23 09:49 - 2013-01-15 16:46 - 00000000 ____D () C:\Users\postgres
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-18 11:53 - 2014-02-11 17:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-18 11:53 - 2012-11-30 07:28 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-15 10:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-15 09:39 - 2013-01-04 17:27 - 00000000 ____D () C:\Users\will
2015-03-15 09:39 - 2009-07-14 05:45 - 00320584 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-15 09:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-15 09:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-15 09:21 - 2013-08-14 19:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-15 09:15 - 2013-01-21 14:05 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 13:31 - 2013-04-15 17:00 - 00000000 ____D () C:\Program Files (x86)\Tilt Breaker
2015-03-12 13:29 - 2013-04-15 17:00 - 00002268 _____ () C:\Windows\System32\Tasks\TiltBreaker
2015-03-09 10:51 - 2014-11-04 11:01 - 00000000 ____D () C:\Program Files (x86)\Full Tilt UK
2015-03-09 00:35 - 2013-04-15 17:00 - 00000000 ____D () C:\Users\will\AppData\Local\TiltBreaker
2015-03-05 10:31 - 2013-05-06 11:32 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-05 10:31 - 2013-03-20 11:37 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-05 10:31 - 2013-03-20 11:37 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-04 09:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-03 12:10 - 2014-11-04 11:01 - 00000000 ____D () C:\Users\will\AppData\Local\FullTilt UK
2015-02-28 08:36 - 2013-08-08 09:03 - 00000000 ____D () C:\Users\will\AppData\Local\Greenshot
2015-02-25 08:41 - 2013-04-15 17:00 - 00001972 _____ () C:\Users\Public\Desktop\Configure Tilt Breaker.lnk
2015-02-24 04:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-01-15 16:46 - 2013-01-15 16:46 - 0069226 _____ () C:\Program Files (x86)\hminstalllog.txt
2015-01-26 21:28 - 2015-01-26 21:28 - 0007607 _____ () C:\Users\will\AppData\Local\Resmon.ResmonCfg
2014-05-20 16:57 - 2014-05-16 21:32 - 0031922 _____ () C:\Users\will\AppData\Local\Temppt4TempNonAsciiFile
2014-05-18 11:21 - 2014-05-18 11:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-01-14 21:38 - 2013-01-14 21:38 - 0004931 _____ () C:\ProgramData\flwjycbm.bab
2014-04-25 11:26 - 2014-05-18 10:44 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-01-04 17:29 - 2014-01-16 10:10 - 0000313 _____ () C:\ProgramData\LastUpdate.xml
2014-10-26 13:29 - 2014-10-26 13:29 - 0004951 _____ () C:\ProgramData\lrbivjdu.eai

Some content of TEMP:
====================
C:\Users\will\AppData\Local\Temp\avgnt.exe
C:\Users\will\AppData\Local\Temp\Quarantine.exe
C:\Users\will\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 10:40

==================== End Of Log ============================

--- --- ---

--- --- ---

fatalerror · 24.03.2015, 23:37

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by will at 2015-03-24 23:16:45
Running from C:\Users\will\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

24hPoker (HKLM-x32\...\24hPoker (Poker)) (Version: 16.6.2.11243 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.72.00 - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Betfair.com Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Betfair.com Poker) (Version:  - )
Betfair.com Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Betfair.com Poker) (Version:  - )
Boylepoker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\boylepoker) (Version:  - )
Boylepoker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\boylepoker) (Version:  - )
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
bwin Poker (HKLM-x32\...\bwincomPoker) (Version:  - bwincom)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{517FAF1E-3045-49DE-8079-107C2851389E}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - )
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
Full Tilt UK (HKLM-x32\...\{31967082-7E6A-42A3-9740-6F9065509BD6}) (Version: 5.22.51.WIN.FullTilt.UK - )
Gala Casino Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Gala Casino Poker) (Version:  - )
Gala Casino Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Gala Casino Poker) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.1.5.2643 (HKLM\...\Greenshot_is1) (Version: 1.1.5.2643 - Greenshot)
Holdem Manager (HKLM-x32\...\HoldemManager) (Version:  - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Mobile Access (HKLM-x32\...\{4DD171A1-70FB-48EE-8844-98A7AA4C8DCC}) (Version: 3.2.30417.1301 - Lenovo)
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0027 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.1.0 - Ericsson AB)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
NVIDIA Grafiktreiber 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
PokerJuice (HKLM-x32\...\PokerJuice) (Version: 1.1.24 - Pokerjuice ApS)
PokerJuice (x32 Version: 1.1.24 - Pokerjuice ApS) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 9.0  (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
ProPokerTools Odds Oracle 2.2.7 (HKLM\...\5992-1726-3179-3433) (Version: 2.2.7 - ProPokerTools)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo)
Tilt Breaker (HKLM-x32\...\Tilt Breaker) (Version:  - )
Titan Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1001\...\Titan Poker) (Version:  - )
Titan Poker (HKU\S-1-5-21-1349373112-78878798-3739382671-1003\...\Titan Poker) (Version:  - )
Unibet (HKLM-x32\...\unibetpoker (Poker)) (Version: 16.6.2.11243 - )
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-03-2015 11:19:13 Geplanter Prüfpunkt
24-03-2015 10:48:05 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-23 11:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {276BB629-0199-42BF-BAC6-BC90F1E8D19B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {2CE61EA3-8367-4FF4-A9EB-260BEA30B8C6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {361D271E-0CA4-4E86-9A1C-4FA94E7BC674} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {7B081EB6-5600-4F79-AADF-C66BF383D857} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7F452686-DE07-4D63-84D8-1D7B65417FA1} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited)
Task: {87F6F9F9-C663-4C70-965E-91B20D563A71} - System32\Tasks\{D52DB24F-08D2-488F-9247-3BFED14AB565} => pcalua.exe -a "C:\Users\will\Downloads\Win64_15338 (1).exe" -d C:\Users\will\Downloads
Task: {9617293C-8EDB-4EE6-9BE4-1E5596597BC6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {9DBFFE45-F5F5-4D6B-8105-346F005DC893} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-01-15] ()
Task: {DEDE3A73-2DCF-4B3A-B2B9-BB2E092640A7} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {E189D715-D336-4134-BE7B-A5EA793C9D02} - System32\Tasks\TiltBreaker => Rundll32.exe /startup
Task: {F2B717F4-1F1A-40CE-929B-DD780FE04DD9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {F5187D26-0CA5-4C6D-84CB-4091AB02304C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-05-22 21:04 - 2014-04-09 10:23 - 00218624 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2014-05-22 21:04 - 2012-08-14 13:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2012-11-30 07:27 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-11 14:17 - 2015-03-11 14:17 - 00106616 _____ () C:\Program Files (x86)\Tilt Breaker\TiltBreakerLib64.dll
2014-02-11 17:17 - 2015-02-04 21:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-11 14:17 - 2015-03-11 14:17 - 00182392 _____ () C:\Program Files (x86)\Tilt Breaker\rundll64.exe
2012-11-30 07:29 - 2012-05-15 22:32 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2012-11-30 07:29 - 2011-08-02 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2012-11-30 07:29 - 2011-08-02 04:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2012-11-30 07:27 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2012-05-30 17:32 - 2012-05-30 17:32 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2014-02-11 17:14 - 2015-02-05 10:16 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-30 07:25 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-03-21 20:37 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 20:37 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 20:37 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1349373112-78878798-3739382671-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1349373112-78878798-3739382671-500 - Administrator - Disabled)
Gast (S-1-5-21-1349373112-78878798-3739382671-501 - Limited - Disabled)
postgres (S-1-5-21-1349373112-78878798-3739382671-1003 - Limited - Enabled) => C:\Users\postgres
will (S-1-5-21-1349373112-78878798-3739382671-1001 - Administrator - Enabled) => C:\Users\will

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (03/24/2015 11:15:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Percentage of memory in use: 20%
Total physical RAM: 16080.79 MB
Available physical RAM: 12768.45 MB
Total Pagefile: 32159.77 MB
Available Pagefile: 24496.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:34.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 54B82B8B)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== End Of Log ============================

schrauber · 25.03.2015, 18:26

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

cmd.exe öffnet sich und lädt treiber ohne mein zutun

Plagegeister aller Art und deren Bekämpfung: cmd.exe öffnet sich und lädt treiber ohne mein zutun