Pests of all kinds and how to fight them: Laptop is constantly under high load and freezes (Windows 7)
09.02.2016, 14:11 | #1 |
Laptop is constantly under high load and freezes

Good day, this laptop constantly has a high load of between 60% and up to 100% and keeps freezing. It would be very kind if someone could help me find out whether this is down to the software or simply because it is already a bit older and the hardware can no longer keep up, or something similar. Many thanks in advance!

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (09-02-2016 14:01:22) Gestartet von C:\Users\l e n o v o_T400\Downloads Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () C:\Windows\System32\DTS.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (AuthenTec, Inc.) C:\Windows\System32\ATService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Valve Corporation) C:\00 Patrick\Steam\Steam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited) HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec) HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\ATFUS: Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe -update plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1 HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\MountPoints2: {091b345c-7992-11e5-bf0c-00216b9b33c8} - E:\LaunchU3.exe -a HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\MountPoints2: {66793dfa-906b-11e5-812e-002268e88b1a} - E:\Startme.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-09] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei] FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09] FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25] FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG) R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.) 
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.) R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert] R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG) S3 Origin Client Service; C:\00 Patrick\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-03] (Avira Operations GmbH & Co. 
KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-09 13:54 - 2016-02-09 14:01 - 00014093 _____ C:\Users\l e n o v o_T400\Downloads\FRST.txt 2016-02-09 13:53 - 2016-02-09 13:53 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task 2016-02-09 13:53 - 2016-02-09 13:53 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Avira 2016-02-09 13:50 - 2015-12-03 15:24 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-02-09 13:50 - 2015-12-03 15:24 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-02-09 13:50 - 2015-12-03 15:24 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-02-09 13:50 - 2015-12-03 15:24 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} 2016-02-09 13:46 - 2016-02-09 13:52 - 00000000 ____D C:\Program Files (x86)\Avira 2016-02-09 13:46 - 2016-02-09 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-02-09 13:46 - 2016-02-09 13:50 - 00000000 ____D C:\ProgramData\Avira 2016-02-09 13:45 - 2016-02-09 13:45 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\l e n o v o_T400\Downloads\avira_de_av_56b9df3c40868__ws.exe 2016-02-09 13:40 - 2016-02-09 13:40 - 00064169 _____ C:\Users\l e n o v o_T400\Desktop\bookmarks.html 2016-02-09 13:26 - 2016-02-09 14:01 - 00000000 ____D C:\FRST 2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Downloads\FRST64.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-09 13:49 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype 2016-02-09 13:45 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-09 13:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-09 13:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-09 13:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-09 13:39 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-02-09 13:35 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Electronic Arts 2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-02-09 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher 2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-02-09 13:29 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-09 13:29 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-09 13:19 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat 2016-02-09 13:19 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat 2016-02-09 13:19 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-09 13:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT 2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini Einige Dateien in TEMP: ==================== C:\Users\l e n o v o_T400\AppData\Local\Temp\avgnt.exe C:\Users\l e n o v o_T400\AppData\Local\Temp\BRSVC_1212424_hlp.exe C:\Users\l e n o v o_T400\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll C:\Users\l e n o v o_T400\AppData\Local\Temp\KUIU.EXE C:\Users\l e n o v o_T400\AppData\Local\Temp\SkypeSetup.exe C:\Users\l e n o v o_T400\AppData\Local\Temp\xmlUpdater.exe C:\Users\l e n o v o_T400\AppData\Local\Temp\YgoUpdater.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-30 19:36 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016 durchgeführt von l e n o v o_T400 (2016-02-09 14:02:03) Gestartet von C:\Users\l e n o v o_T400\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled) Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled) l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400 ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version: - 11 bit studios) ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. 
KG) Hidden Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden Final Dusk (HKLM-x32\...\Steam App 337420) (Version: - Light Echo) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: - ) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.) 
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.0.0.1980 - Electronic Arts, Inc.) Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.) 
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated) Task: {48F344EF-7EBF-49A9-8651-F290FF620395} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {78F84751-14B5-4A91-8DDD-1F0E4E255997} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {E6F170B4-1D97-4C90-B422-CB454FAEC109} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618 (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe 2008-12-20 03:20 - 2015-10-27 11:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-05-04 23:33 - 2012-05-04 23:33 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-11-25 12:58 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-10-29 21:03 - 2015-11-10 20:55 - 00778752 _____ () C:\00 Patrick\Steam\SDL2.dll 2015-10-29 21:03 - 2015-07-03 17:12 - 04962816 _____ () C:\00 Patrick\Steam\v8.dll 2015-10-29 21:03 - 2015-07-03 17:12 - 01556992 _____ () C:\00 Patrick\Steam\icui18n.dll 2015-10-29 21:03 - 2015-07-03 17:12 - 01187840 
_____ () C:\00 Patrick\Steam\icuuc.dll 2015-10-29 21:03 - 2015-12-14 21:01 - 02547280 _____ () C:\00 Patrick\Steam\video.dll 2015-10-29 21:02 - 2015-09-24 01:33 - 02549248 _____ () C:\00 Patrick\Steam\libavcodec-56.dll 2015-10-29 21:02 - 2015-09-24 01:33 - 00442880 _____ () C:\00 Patrick\Steam\libavutil-54.dll 2015-10-29 21:02 - 2015-09-24 01:33 - 00491008 _____ () C:\00 Patrick\Steam\libavformat-56.dll 2015-10-29 21:02 - 2015-09-24 01:33 - 00332800 _____ () C:\00 Patrick\Steam\libavresample-2.dll 2015-10-29 21:02 - 2015-09-24 01:33 - 00485888 _____ () C:\00 Patrick\Steam\libswscale-3.dll 2015-10-29 21:03 - 2015-12-14 21:01 - 00804432 _____ () C:\00 Patrick\Steam\bin\chromehtml.DLL 2015-10-29 21:02 - 2015-11-03 23:00 - 00201728 _____ () C:\00 Patrick\Steam\bin\openvr_api.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-10-29 21:03 - 2015-11-17 01:31 - 47846176 _____ () C:\00 Patrick\Steam\bin\libcef.dll 2015-10-29 21:02 - 2015-09-25 00:56 - 00119208 _____ () C:\00 Patrick\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869 FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900 FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe 
FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 
2\Anomaly 2.exe FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => 
(Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{67D5512F-BEAE-45A9-9BEB-6B086F0F0053}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{2284D28E-060F-40F6-894C-82B3B949E543}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe ==================== Wiederherstellungspunkte ========================= 03-01-2016 19:35:35 DirectX wurde installiert 05-01-2016 12:18:37 Windows Update 01-02-2016 08:25:46 Windows Update 09-02-2016 13:17:41 Windows Update 09-02-2016 13:30:00 Removed WestwoodOnline ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/09/2016 01:14:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 10:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/01/2016 08:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/28/2016 07:10:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2016 12:15:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2016 07:34:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2016 12:10:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 12:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/04/2016 11:52:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2016 09:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (02/09/2016 02:01:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:59:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:57:12 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:55:12 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:53:58 PM) (Source: TPM) (EventID: 15) (User: ) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten. Error: (02/09/2016 01:53:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:51:13 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. 
Error: (02/09/2016 01:49:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:47:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/09/2016 01:45:13 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 77% Installierter physikalischer RAM: 1990.02 MB Verfügbarer physikalischer RAM: 439.02 MB Summe virtueller Speicher: 4976.02 MB Verfügbarer virtueller Speicher: 2011.19 MB ==================== Laufwerke ================================ Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:167.91 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
10.02.2016, 13:32 | #2 |
/// TB-Ausbilder | Laptop constantly has high load and freezes
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
|
10.02.2016, 14:01 | #3 |
| Laptop constantly has high load and freezes
Had to split it across two posts. Hope nothing is missing.
Code:
ATTFilter
13:49:31.0733 0x0fb8 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:49:36.0147 0x0fb8 ============================================================
13:49:36.0147 0x0fb8 Current date / time: 2016/02/10 13:49:36.0147
13:49:36.0147 0x0fb8 SystemInfo:
13:49:36.0147 0x0fb8
13:49:36.0147 0x0fb8 OS Version: 6.1.7601 ServicePack: 1.0
13:49:36.0147 0x0fb8 Product type: Workstation
13:49:36.0147 0x0fb8 ComputerName: LENOVO_T400-PC
13:49:36.0147 0x0fb8 UserName: l e n o v o_T400
13:49:36.0147 0x0fb8 Windows directory: C:\Windows
13:49:36.0147 0x0fb8 System windows directory: C:\Windows
13:49:36.0147 0x0fb8 Running under WOW64
13:49:36.0147 0x0fb8 Processor architecture: Intel x64
13:49:36.0147 0x0fb8 Number of processors: 2
13:49:36.0147 0x0fb8 Page size: 0x1000
13:49:36.0147 0x0fb8 Boot type: Normal boot
13:49:36.0147 0x0fb8 ============================================================
13:49:36.0937 0x0fb8 KLMD registered as C:\Windows\system32\drivers\30643625.sys
13:49:37.0888 0x0fb8 System UUID: {5B1F67BF-DE8A-8576-05DD-CA5567F48681}
13:49:38.0571 0x0fb8 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x8134, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
13:49:38.0581 0x0fb8 ============================================================
13:49:38.0581 0x0fb8 \Device\Harddisk0\DR0:
13:49:38.0581 0x0fb8 MBR partitions:
13:49:38.0581 0x0fb8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:49:38.0581 0x0fb8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
13:49:38.0581 0x0fb8 ============================================================
13:49:38.0581 0x0fb8 C: <-> \Device\Harddisk0\DR0\Partition2
13:49:38.0591 0x0fb8 ============================================================
13:49:38.0591 0x0fb8 Initialize success
13:49:38.0591 0x0fb8 ============================================================
13:49:40.0291
0x12fc ============================================================
13:49:40.0291 0x12fc Scan started
13:49:40.0291 0x12fc Mode: Manual;
13:49:40.0291 0x12fc ============================================================
13:49:40.0291 0x12fc KSN ping started
13:49:43.0207 0x12fc KSN ping finished: true
13:49:43.0327 0x12fc ================ Scan system memory ========================
13:49:43.0327 0x12fc System memory - ok
13:49:43.0327 0x12fc ================ Scan services =============================
C:\Windows\system32\DRIVERS\bthpan.sys 13:49:46.0493 0x12fc BthPan - ok 13:49:46.0503 0x12fc [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 13:49:46.0523 0x12fc BTHPORT - ok 13:49:46.0533 0x12fc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 13:49:46.0543 0x12fc bthserv - ok 13:49:46.0553 0x12fc [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 13:49:46.0563 0x12fc BTHUSB - ok 13:49:46.0573 0x12fc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:49:46.0583 0x12fc cdfs - ok 13:49:46.0593 0x12fc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:49:46.0613 0x12fc cdrom - ok 13:49:46.0623 0x12fc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 13:49:46.0643 0x12fc CertPropSvc - ok 13:49:46.0643 0x12fc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 13:49:46.0653 0x12fc circlass - ok 13:49:46.0663 0x12fc [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 13:49:46.0673 0x12fc CLFS - ok 13:49:46.0693 0x12fc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:49:46.0703 0x12fc clr_optimization_v2.0.50727_32 - ok 13:49:46.0713 0x12fc [ 
B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:49:46.0723 0x12fc clr_optimization_v2.0.50727_64 - ok 13:49:46.0753 0x12fc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:49:46.0773 0x12fc clr_optimization_v4.0.30319_32 - ok 13:49:46.0783 0x12fc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:49:46.0793 0x12fc clr_optimization_v4.0.30319_64 - ok 13:49:46.0813 0x12fc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:49:46.0813 0x12fc CmBatt - ok 13:49:46.0823 0x12fc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:49:46.0823 0x12fc cmdide - ok 13:49:46.0843 0x12fc [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 13:49:46.0863 0x12fc CNG - ok 13:49:46.0873 0x12fc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:49:46.0873 0x12fc Compbatt - ok 13:49:46.0883 0x12fc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:49:46.0893 0x12fc CompositeBus - ok 13:49:46.0893 0x12fc COMSysApp - ok 13:49:46.0903 0x12fc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk 
C:\Windows\system32\drivers\crcdisk.sys 13:49:46.0913 0x12fc crcdisk - ok 13:49:46.0923 0x12fc [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:49:46.0943 0x12fc CryptSvc - ok 13:49:46.0953 0x12fc DAUpdaterSvc - ok 13:49:46.0953 0x12fc [ 881D881EA7B54BA294F01FD028F034BD, F79569D463C98374DEE491D0C6FD1D916E27CFB8B0529113B8229C9751DDBDD8 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 13:49:46.0973 0x12fc dc3d - ok 13:49:46.0993 0x12fc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:49:47.0013 0x12fc DcomLaunch - ok 13:49:47.0023 0x12fc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 13:49:47.0043 0x12fc defragsvc - ok 13:49:47.0053 0x12fc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:49:47.0063 0x12fc DfsC - ok 13:49:47.0073 0x12fc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 13:49:47.0093 0x12fc Dhcp - ok 13:49:47.0133 0x12fc [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 13:49:47.0175 0x12fc DiagTrack - ok 13:49:47.0185 0x12fc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 13:49:47.0185 0x12fc discache - ok 13:49:47.0195 0x12fc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 13:49:47.0205 0x12fc Disk - ok 13:49:47.0215 0x12fc [ 16835866AAA693C7D7FCEBA8FFF706E4, 
15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:49:47.0235 0x12fc Dnscache - ok 13:49:47.0245 0x12fc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 13:49:47.0265 0x12fc dot3svc - ok 13:49:47.0275 0x12fc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 13:49:47.0295 0x12fc DPS - ok 13:49:47.0295 0x12fc [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:49:47.0315 0x12fc drmkaud - ok 13:49:47.0315 0x12fc [ 369E422B4BB5641718D212F713E646D0, 72D0A3692FCE903A08ADB3F7D619D67ED063539131C39C63CAE250E0D2D4307B ] dtsvc C:\Windows\system32\DTS.exe 13:49:47.0365 0x12fc dtsvc - ok 13:49:47.0395 0x12fc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:49:47.0425 0x12fc DXGKrnl - ok 13:49:47.0445 0x12fc [ D608110ADB132E683360FCA0F6B2BB53, 99CD78973BB16B2CD37F5AA451876DB06E9DC1757F7B6BBA51241936C6E85EFE ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys 13:49:47.0465 0x12fc e1yexpress - ok 13:49:47.0475 0x12fc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 13:49:47.0475 0x1374 Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc 13:49:47.0485 0x12fc EapHost - ok 13:49:47.0575 0x12fc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 13:49:47.0685 0x12fc ebdrv - ok 13:49:47.0695 0x12fc [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS 
C:\Windows\System32\lsass.exe 13:49:47.0705 0x12fc EFS - ok 13:49:47.0725 0x12fc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:49:47.0755 0x12fc ehRecvr - ok 13:49:47.0755 0x12fc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 13:49:47.0765 0x12fc ehSched - ok 13:49:47.0795 0x12fc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 13:49:47.0825 0x12fc elxstor - ok 13:49:47.0825 0x12fc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:49:47.0835 0x12fc ErrDev - ok 13:49:47.0855 0x12fc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 13:49:47.0885 0x12fc EventSystem - ok 13:49:47.0895 0x12fc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 13:49:47.0905 0x12fc exfat - ok 13:49:47.0925 0x12fc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:49:47.0935 0x12fc fastfat - ok 13:49:47.0965 0x12fc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 13:49:48.0005 0x12fc Fax - ok 13:49:48.0005 0x12fc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 13:49:48.0015 0x12fc fdc - ok 13:49:48.0025 0x12fc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost 
C:\Windows\system32\fdPHost.dll 13:49:48.0025 0x12fc fdPHost - ok 13:49:48.0035 0x12fc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 13:49:48.0045 0x12fc FDResPub - ok 13:49:48.0055 0x12fc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:49:48.0065 0x12fc FileInfo - ok 13:49:48.0065 0x12fc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:49:48.0075 0x12fc Filetrace - ok 13:49:48.0085 0x12fc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 13:49:48.0095 0x12fc flpydisk - ok 13:49:48.0105 0x12fc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:49:48.0125 0x12fc FltMgr - ok 13:49:48.0155 0x12fc [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 13:49:48.0215 0x12fc FontCache - ok 13:49:48.0225 0x12fc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:49:48.0235 0x12fc FontCache3.0.0.0 - ok 13:49:48.0235 0x12fc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:49:48.0245 0x12fc FsDepends - ok 13:49:48.0255 0x12fc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:49:48.0265 0x12fc Fs_Rec - ok 13:49:48.0275 0x12fc [ 
8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:49:48.0275 0x12fc fvevol - ok 13:49:48.0285 0x12fc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 13:49:48.0295 0x12fc gagp30kx - ok 13:49:48.0325 0x12fc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 13:49:48.0355 0x12fc gpsvc - ok 13:49:48.0365 0x12fc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:49:48.0375 0x12fc hcw85cir - ok 13:49:48.0395 0x12fc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:49:48.0425 0x12fc HdAudAddService - ok 13:49:48.0435 0x12fc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:49:48.0445 0x12fc HDAudBus - ok 13:49:48.0445 0x12fc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 13:49:48.0455 0x12fc HidBatt - ok 13:49:48.0465 0x12fc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 13:49:48.0475 0x12fc HidBth - ok 13:49:48.0475 0x12fc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 13:49:48.0485 0x12fc HidIr - ok 13:49:48.0495 0x12fc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 
13:49:48.0505 0x12fc hidserv - ok 13:49:48.0515 0x12fc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:49:48.0525 0x12fc HidUsb - ok 13:49:48.0535 0x12fc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:49:48.0555 0x12fc hkmsvc - ok 13:49:48.0565 0x12fc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:49:48.0585 0x12fc HomeGroupListener - ok 13:49:48.0595 0x12fc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:49:48.0615 0x12fc HomeGroupProvider - ok 13:49:48.0625 0x12fc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:49:48.0635 0x12fc HpSAMD - ok 13:49:48.0655 0x12fc [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:49:48.0665 0x12fc HTTP - ok 13:49:48.0675 0x12fc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:49:48.0675 0x12fc hwpolicy - ok 13:49:48.0685 0x12fc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 13:49:48.0695 0x12fc i8042prt - ok 13:49:48.0715 0x12fc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:49:48.0735 0x12fc iaStorV - ok 13:49:48.0735 0x12fc [ 99B71816BA253098E8374E641CB2F886, 
E65CAD462722DF165FC51EA27617445D4B6E2F59B0A1454F9DF2EFD841EF130A ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 13:49:48.0765 0x12fc IBMPMDRV - ok 13:49:48.0775 0x12fc [ 833139BADAEEA68515DD877BC800C1DF, 581B1823185391978D417C4607BF7EF2A09A0622C2FC677A5183040C76636434 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 13:49:48.0805 0x12fc IBMPMSVC - ok 13:49:48.0835 0x12fc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:49:48.0855 0x12e4 Object required for P2P: [ DFF7C7E8DB2A8F520BF0550AAD17FF99 ] Avira.ServiceHost 13:49:48.0875 0x12fc idsvc - ok 13:49:48.0875 0x12fc IEEtwCollectorService - ok 13:49:49.0135 0x12fc [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 13:49:49.0395 0x12fc igfx - ok 13:49:49.0435 0x12fc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 13:49:49.0445 0x12fc iirsp - ok 13:49:49.0465 0x12fc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 13:49:49.0495 0x12fc IKEEXT - ok 13:49:49.0505 0x12fc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 13:49:49.0515 0x12fc intelide - ok 13:49:49.0745 0x12fc [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 13:49:50.0005 0x12fc intelkmd - ok 13:49:50.0035 0x12fc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:49:50.0035 0x12fc intelppm - ok 13:49:50.0045 0x12fc [ 
098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:49:50.0065 0x12fc IPBusEnum - ok 13:49:50.0065 0x12fc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:49:50.0075 0x12fc IpFilterDriver - ok 13:49:50.0095 0x12fc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:49:50.0105 0x1374 Object send P2P result: true 13:49:50.0105 0x12fc iphlpsvc - ok 13:49:50.0115 0x1374 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 13:49:50.0115 0x12fc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:49:50.0135 0x12fc IPMIDRV - ok 13:49:50.0135 0x12fc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:49:50.0156 0x12fc IPNAT - ok 13:49:50.0160 0x12fc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:49:50.0167 0x12fc IRENUM - ok 13:49:50.0171 0x12fc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:49:50.0177 0x12fc isapnp - ok 13:49:50.0187 0x12fc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:49:50.0207 0x12fc iScsiPrt - ok 13:49:50.0217 0x12fc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:49:50.0227 0x12fc kbdclass - ok 13:49:50.0227 
0x12fc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:49:50.0247 0x12fc kbdhid - ok 13:49:50.0257 0x12fc [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] KeyIso C:\Windows\system32\lsass.exe 13:49:50.0257 0x12fc KeyIso - ok 13:49:50.0267 0x12fc [ 0F776895884B8DC430A307D57FD867BB, F9E8C8A04D757CEAD86938BEEFFAD9750589037E16FB1A2B0A90E4484E1A6B65 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:49:50.0277 0x12fc KSecDD - ok 13:49:50.0287 0x12fc [ 28E75F316CCCD79337E4957C53017D4B, 3BABDA50B4CE72F7F9A0FD7A33DDB19463A01F188D46354E0B411FC0389C01BE ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:49:50.0287 0x12fc KSecPkg - ok 13:49:50.0297 0x12fc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:49:50.0297 0x12fc ksthunk - ok 13:49:50.0317 0x12fc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 13:49:50.0337 0x12fc KtmRm - ok 13:49:50.0347 0x12fc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:49:50.0367 0x12fc LanmanServer - ok 13:49:50.0367 0x12fc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:49:50.0387 0x12fc LanmanWorkstation - ok 13:49:50.0387 0x12fc [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys 13:49:50.0397 0x12fc lenovo.smi - ok 13:49:50.0407 0x12fc [ 606DA892A53FA863B67F8D3F8FF016A0, FB026285C07C8A77C1702698E40C2EA694B054C35C62E45C9A5C498BC94BAD49 ] LenovoRd 
C:\Windows\system32\Drivers\LenovoRd.sys 13:49:50.0417 0x12fc LenovoRd - ok 13:49:50.0427 0x12fc [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys 13:49:50.0427 0x12fc LHDmgr - ok 13:49:50.0437 0x12fc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:49:50.0447 0x12fc lltdio - ok 13:49:50.0457 0x12fc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:49:50.0477 0x12fc lltdsvc - ok 13:49:50.0487 0x12fc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:49:50.0497 0x12fc lmhosts - ok 13:49:50.0507 0x12fc [ 7F697D6EB3E47FBC7757229DAEE406B4, 9F2C5ED88ACFB16FD5D2B9372A17D322BD816A57C00FB0BD0835A27A25616F94 ] LMS C:\Program Files (x86)\Intel\AMT\LMS.exe 13:49:50.0507 0x12fc LMS - ok 13:49:50.0517 0x12fc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 13:49:50.0527 0x12fc LSI_FC - ok 13:49:50.0537 0x12fc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 13:49:50.0547 0x12fc LSI_SAS - ok 13:49:50.0557 0x12fc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 13:49:50.0567 0x12fc LSI_SAS2 - ok 13:49:50.0567 0x12fc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 13:49:50.0587 0x12fc LSI_SCSI - ok 13:49:50.0587 0x12fc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 
5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 13:49:50.0607 0x12fc luafv - ok 13:49:50.0607 0x12fc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:49:50.0627 0x12fc Mcx2Svc - ok 13:49:50.0627 0x12fc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 13:49:50.0637 0x12fc megasas - ok 13:49:50.0657 0x12fc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 13:49:50.0677 0x12fc MegaSR - ok 13:49:50.0677 0x12fc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 13:49:50.0687 0x12fc MMCSS - ok 13:49:50.0697 0x12fc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 13:49:50.0697 0x12fc Modem - ok 13:49:50.0707 0x12fc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:49:50.0707 0x12fc monitor - ok 13:49:50.0707 0x12fc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:49:50.0717 0x12fc mouclass - ok 13:49:50.0727 0x12fc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:49:50.0747 0x12fc mouhid - ok 13:49:50.0757 0x12fc [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:49:50.0757 0x12fc mountmgr - ok 13:49:50.0767 0x12fc [ 
volmgrx - ok 13:49:57.0691 0x12fc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:49:57.0701 0x12fc volsnap - ok 13:49:57.0711 0x12fc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 13:49:57.0721 0x12fc vsmraid - ok 13:49:57.0771 0x12fc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 13:49:57.0822 0x12fc VSS - ok 13:49:57.0831 0x12fc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 13:49:57.0839 0x12fc vwifibus - ok 13:49:57.0845 0x12fc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:49:57.0855 0x12fc vwififlt - ok 13:49:57.0863 0x12fc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 13:49:57.0883 0x12fc W32Time - ok 13:49:57.0893 0x12fc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 13:49:57.0903 0x12fc WacomPen - ok 13:49:57.0903 0x12fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:49:57.0913 0x12fc WANARP - ok 13:49:57.0923 0x12fc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:49:57.0923 0x12fc Wanarpv6 - ok 13:49:57.0963 0x12fc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine 
C:\Windows\system32\wbengine.exe 13:49:58.0003 0x12fc wbengine - ok 13:49:58.0013 0x12fc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:49:58.0033 0x12fc WbioSrvc - ok 13:49:58.0053 0x12fc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:49:58.0073 0x12fc wcncsvc - ok 13:49:58.0073 0x12fc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:49:58.0093 0x12fc WcsPlugInService - ok 13:49:58.0093 0x12fc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 13:49:58.0103 0x12fc Wd - ok 13:49:58.0131 0x12fc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:49:58.0155 0x12fc Wdf01000 - ok 13:49:58.0165 0x12fc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:49:58.0175 0x12fc WdiServiceHost - ok 13:49:58.0185 0x12fc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:49:58.0185 0x12fc WdiSystemHost - ok 13:49:58.0195 0x12fc [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 13:49:58.0222 0x12fc WebClient - ok 13:49:58.0233 0x12fc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:49:58.0256 0x12fc Wecsvc - ok 13:49:58.0263 0x12fc [ 7E591867422DC788B9E5BD337A669A08, 
484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:49:58.0277 0x12fc wercplsupport - ok 13:49:58.0283 0x12fc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 13:49:58.0298 0x12fc WerSvc - ok 13:49:58.0304 0x12fc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:49:58.0310 0x12fc WfpLwf - ok 13:49:58.0314 0x12fc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:49:58.0321 0x12fc WIMMount - ok 13:49:58.0325 0x12fc WinDefend - ok 13:49:58.0327 0x12fc WinHttpAutoProxySvc - ok 13:49:58.0347 0x12fc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:49:58.0357 0x12fc Winmgmt - ok 13:49:58.0417 0x12fc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 13:49:58.0479 0x12fc WinRM - ok 13:49:58.0489 0x12fc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:49:58.0510 0x1374 Object send P2P result: true 13:49:58.0510 0x1374 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 13:49:58.0526 0x12fc WinUsb - ok 13:49:58.0553 0x12fc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 13:49:58.0597 0x12fc Wlansvc - ok 13:49:58.0651 0x12fc [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
13:49:58.0750 0x12fc wlidsvc - ok 13:49:58.0776 0x12fc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 13:49:58.0784 0x12fc WmiAcpi - ok 13:49:58.0815 0x12fc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:49:58.0865 0x12fc wmiApSrv - ok 13:49:58.0875 0x12fc WMPNetworkSvc - ok 13:49:58.0905 0x12fc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:49:58.0935 0x12fc WPCSvc - ok 13:49:58.0965 0x12fc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:49:59.0005 0x12fc WPDBusEnum - ok 13:49:59.0025 0x12fc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:49:59.0045 0x12fc ws2ifsl - ok 13:49:59.0055 0x12fc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 13:49:59.0065 0x12fc wscsvc - ok 13:49:59.0075 0x12fc WSearch - ok 13:49:59.0138 0x12fc [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll 13:49:59.0198 0x12fc wuauserv - ok 13:49:59.0209 0x12fc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:49:59.0219 0x12fc WudfPf - ok 13:49:59.0228 0x12fc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:49:59.0241 0x12fc WUDFRd - ok 13:49:59.0248 0x12fc [ B20F051B03A966392364C83F009F7D17, 
88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:49:59.0259 0x12fc wudfsvc - ok 13:49:59.0269 0x12fc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 13:49:59.0289 0x12fc WwanSvc - ok 13:49:59.0289 0x12fc [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 13:49:59.0309 0x12fc xusb21 - ok 13:49:59.0309 0x12fc ================ Scan global =============================== 13:49:59.0319 0x12fc [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 13:49:59.0339 0x12fc [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll 13:49:59.0379 0x12fc [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll 13:49:59.0389 0x12fc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 13:49:59.0409 0x12fc [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 13:49:59.0438 0x12fc [ Global ] - ok 13:49:59.0438 0x12fc ================ Scan MBR ================================== 13:49:59.0441 0x12fc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:49:59.0501 0x12fc \Device\Harddisk0\DR0 - ok 13:49:59.0501 0x12fc ================ Scan VBR ================================== 13:49:59.0511 0x12fc [ C0EC9A950FE4861ECAA06A82E97868A7 ] \Device\Harddisk0\DR0\Partition1 13:49:59.0511 0x12fc \Device\Harddisk0\DR0\Partition1 - ok 13:49:59.0511 0x12fc [ 8D56DAEC90BB7EF0FE642186CD6A4C45 ] \Device\Harddisk0\DR0\Partition2 13:49:59.0511 0x12fc 
\Device\Harddisk0\DR0\Partition2 - ok 13:49:59.0511 0x12fc ================ Scan generic autorun ====================== 13:49:59.0511 0x12fc SynTPEnh - ok 13:49:59.0551 0x12fc [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe 13:49:59.0581 0x12fc MSC - ok 13:49:59.0779 0x12fc [ 0C971FB9C511505E16D5E8A1340FD37E, 46B14D1EE5C9CBCAEFC8B952DCFFEC0F994D8897DDA8F0A53696615EC1149F88 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe 13:49:59.0956 0x12fc Energy Management - ok 13:50:00.0128 0x12fc [ A0C651367C263C89212B3684977D8FBC, 2269C27E2A5509093733471D794E094EFCEBD8BFA7B0C0615B4C97AB9A0C9DD1 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe 13:50:00.0261 0x12fc EnergyUtility - ok 13:50:00.0287 0x12fc [ 1A2B569E0D2598CB043DB830DD1468EE, D22C9E3FAAD8EAA11693A30C50FD38C4F264152C3AE29FF9FF00A32BDB051ACC ] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe 13:50:00.0291 0x12fc picon - ok 13:50:00.0331 0x12fc [ D83DCBE9F5C247438087D82B774A685E, 5542CACEA72E61D95CA629199F166CDF3214B9FEF700C83B1A8C615571BB0524 ] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe 13:50:00.0367 0x12fc FingerPrintSoftware - ok 13:50:00.0377 0x12fc [ B401E52C6E9FDEF1ACF89E43D806F9FA, 69EF697697562A6B280652B538FF3D34AE3AD17A51EB30712F824F238A9F34D5 ] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe 13:50:00.0464 0x12fc FingerPrintSoftwareSplashScreen - ok 13:50:00.0472 0x12fc [ 820D1184C0B9C426B71567DF3641DEE3, ABC8F4E1018ACD89F0473634DC38A25D864E577EB0F345E777E015AF02F70F89 ] C:\Windows\system32\igfxtray.exe 13:50:00.0478 0x12fc IgfxTray - ok 13:50:00.0494 0x12fc [ 09ED9D98114525A7F6913CDC4B14F5E9, AB0850698A3E3F53B96F3AA81E4981CEE336DC01FC5BB5AB0538F342CCFCE0FA ] C:\Windows\system32\hkcmd.exe 13:50:00.0504 0x12fc HotKeysCmds - ok 13:50:00.0513 0x12fc [ 764998FAC5233DA8E2A896799DB1A991, 
2B1CA708A253A3F65BDC3B21924058C8A19EDF7255A6975BABF9B26B71FE5330 ] C:\Windows\system32\igfxpers.exe 13:50:00.0523 0x12fc Persistence - ok 13:50:00.0553 0x12fc [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe 13:50:00.0573 0x12fc XboxStat - ok 13:50:00.0606 0x12fc [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 13:50:00.0630 0x12fc Adobe ARM - ok 13:50:00.0644 0x12fc [ 94B2521BBE8ED7ACED6EB4D697859C2C, 09DD4E8286A6E4A0CB5461C4E33994610879AE767548CFE17379AE83D0DF1F7A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 13:50:00.0725 0x12fc StartCCC - ok 13:50:00.0787 0x12fc [ 0B867A6BAB305C186AD57B6CEA53D981, 226DD3DEA47BA402CBADDC5AD6EE65254599582C9A0BDD1D502D109740B6690B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 13:50:01.0009 0x12fc Avira SystrayStartTrigger - ok 13:50:01.0029 0x12fc [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 13:50:01.0049 0x12fc avgnt - ok 13:50:01.0079 0x12fc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 13:50:01.0079 0x1374 Object send P2P result: true 13:50:01.0079 0x1374 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 13:50:01.0146 0x12fc Sidebar - ok 13:50:01.0153 0x12fc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:50:01.0165 0x12fc mctadmin - ok 13:50:01.0194 0x12fc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
13:50:01.0214 0x12fc Sidebar - ok 13:50:01.0226 0x12fc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 13:50:01.0229 0x12fc mctadmin - ok 13:50:01.0302 0x12fc [ FF74D2A2E3A3615A765B5181DB18551D, C38F06705B4E3264ABA10317BF3DE6D022E9B9D5B3016B08121512E84880963C ] C:\00 Patrick\Steam\steam.exe 13:50:01.0366 0x12fc Steam - ok 13:50:01.0376 0x12fc Skype - ok 13:50:01.0378 0x12fc Waiting for KSN requests completion. In queue: 304 13:50:02.0385 0x12fc Waiting for KSN requests completion. In queue: 304 13:50:03.0385 0x12fc Waiting for KSN requests completion. In queue: 304 13:50:03.0605 0x1374 Object send P2P result: true 13:50:04.0165 0x03d0 Object required for P2P: [ FF74D2A2E3A3615A765B5181DB18551D ] C:\00 Patrick\Steam\steam.exe 13:50:04.0387 0x12fc Waiting for KSN requests completion. In queue: 1 13:50:05.0389 0x12fc Waiting for KSN requests completion. In queue: 1 13:50:06.0389 0x12fc Waiting for KSN requests completion. 
In queue: 1 13:50:06.0699 0x03d0 Object send P2P result: true 13:50:07.0499 0x12fc AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 13:50:07.0499 0x12fc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated ) 13:50:07.0509 0x12fc Win FW state via NFP2: enabled ( trusted ) 13:50:10.0049 0x12fc ============================================================ 13:50:10.0049 0x12fc Scan finished 13:50:10.0049 0x12fc ============================================================ 13:50:10.0069 0x02f0 Detected object count: 0 13:50:10.0069 0x02f0 Actual detected object count: 0 13:51:22.0681 0x1200 ============================================================ 13:51:22.0681 0x1200 Scan started 13:51:22.0681 0x1200 Mode: Manual; SigCheck; TDLFS; 13:51:22.0681 0x1200 ============================================================ 13:51:22.0681 0x1200 KSN ping started 13:51:28.0045 0x1200 KSN ping finished: true 13:51:28.0500 0x1200 ================ Scan system memory ======================== 13:51:28.0500 0x1200 System memory - ok 13:51:28.0500 0x1200 ================ Scan services ============================= |
10.02.2016, 14:02 | #4 |
| Laptop constantly has high load and freezes
Code:
13:51:28.0500 0x1200 ================ Scan services =============================
13:51:28.0716 0x1200 [ 92E9D1DEBDC9C6C367064EA403C68874, 8666A595BA2FBB4EAC66DE662B15143993A82033BF02C4DA0B8B3D7004286CDB ] ADMonitor C:\Windows\system32\ADMonitor.exe
13:51:28.0776 0x1200 ADMonitor - detected UnsignedFile.Multi.Generic ( 1 )
13:51:28.0776 0x1200 Detect skipped due to KSN trusted
13:51:28.0776 0x1200 ADMonitor - ok
513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 13:51:57.0184 0x1200 circlass - ok 13:51:57.0197 0x1200 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 13:51:57.0217 0x1200 CLFS - ok 13:51:57.0227 0x1200 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:51:57.0237 0x1200 clr_optimization_v2.0.50727_32 - ok 13:51:57.0247 0x1200 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:51:57.0267 0x1200 clr_optimization_v2.0.50727_64 - ok 13:51:57.0287 0x1200 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:51:57.0307 0x1200 clr_optimization_v4.0.30319_32 - ok 13:51:57.0307 0x1200 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:51:57.0327 0x1200 clr_optimization_v4.0.30319_64 - ok 13:51:57.0340 0x1200 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:51:57.0356 0x1200 CmBatt - ok 13:51:57.0361 0x1200 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:51:57.0376 0x1200 cmdide - ok 13:51:57.0390 0x1200 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 
13:51:57.0419 0x1200 CNG - ok 13:51:57.0419 0x1200 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:51:57.0442 0x1200 Compbatt - ok 13:51:57.0447 0x1200 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 13:51:57.0461 0x1200 CompositeBus - ok 13:51:57.0461 0x1200 COMSysApp - ok 13:51:57.0471 0x1200 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 13:51:57.0481 0x1200 crcdisk - ok 13:51:57.0491 0x1200 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:51:57.0532 0x1200 CryptSvc - ok 13:51:57.0538 0x1200 DAUpdaterSvc - ok 13:51:57.0545 0x1200 [ 881D881EA7B54BA294F01FD028F034BD, F79569D463C98374DEE491D0C6FD1D916E27CFB8B0529113B8229C9751DDBDD8 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 13:51:57.0566 0x1200 dc3d - ok 13:51:57.0583 0x1200 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:51:57.0634 0x1200 DcomLaunch - ok 13:51:57.0647 0x1200 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 13:51:57.0697 0x1200 defragsvc - ok 13:51:57.0705 0x1200 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:51:57.0744 0x1200 DfsC - ok 13:51:57.0757 0x1200 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 13:51:57.0800 0x1200 Dhcp - ok 13:51:57.0836 0x1200 [ EC3F433D00365F1A9BC3411BCA7C7140, 
13:51:58.0155 0x1200 dtsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:51:58.0155 0x1200 Detect skipped due to KSN trusted
13:51:58.0155 0x1200 dtsvc - ok
nfrd960 C:\Windows\system32\drivers\nfrd960.sys 13:52:05.0164 0x1200 nfrd960 - ok 13:52:05.0174 0x1200 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 13:52:05.0193 0x1200 NisDrv - ok 13:52:05.0205 0x1200 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 13:52:05.0226 0x1200 NisSrv - ok 13:52:05.0236 0x1200 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 13:52:05.0274 0x1200 NlaSvc - ok 13:52:05.0287 0x1200 [ E584D6668E6A3923FF32E026A5ED2A03, 5DB5BE3410989AD92B2B4F48C363659D93E808A81411CE0DFA28098D2EA19DE3 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe 13:52:05.0298 0x1200 NMIndexingService - ok 13:52:05.0308 0x1200 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:52:05.0348 0x1200 Npfs - ok 13:52:05.0348 0x1200 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 13:52:05.0390 0x1200 nsi - ok 13:52:05.0395 0x1200 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:52:05.0432 0x1200 nsiproxy - ok 13:52:05.0470 0x1200 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:52:05.0532 0x1200 Ntfs - ok 13:52:05.0539 0x1200 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 13:52:05.0578 0x1200 Null - ok 13:52:05.0586 0x1200 [ 
0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:52:05.0603 0x1200 nvraid - ok 13:52:05.0612 0x1200 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:52:05.0629 0x1200 nvstor - ok 13:52:05.0636 0x1200 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:52:05.0653 0x1200 nv_agp - ok 13:52:05.0659 0x1200 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:52:05.0676 0x1200 ohci1394 - ok 13:52:05.0682 0x1200 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:52:05.0712 0x1200 p2pimsvc - ok 13:52:05.0732 0x1200 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 13:52:05.0752 0x1200 p2psvc - ok 13:52:05.0762 0x1200 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 13:52:05.0782 0x1200 Parport - ok 13:52:05.0792 0x1200 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:52:05.0802 0x1200 partmgr - ok 13:52:05.0812 0x1200 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:52:05.0842 0x1200 PcaSvc - ok 13:52:05.0852 0x1200 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 13:52:05.0862 0x1200 pci - ok 
13:52:05.0876 0x1200 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 13:52:05.0890 0x1200 pciide - ok 13:52:05.0899 0x1200 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:52:05.0920 0x1200 pcmcia - ok 13:52:05.0925 0x1200 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 13:52:05.0941 0x1200 pcw - ok 13:52:05.0961 0x1200 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:52:05.0999 0x1200 PEAUTH - ok 13:52:06.0027 0x1200 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:52:06.0054 0x1200 PerfHost - ok 13:52:06.0094 0x1200 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 13:52:06.0166 0x1200 pla - ok 13:52:06.0189 0x1200 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:52:06.0218 0x1200 PlugPlay - ok 13:52:06.0218 0x1200 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:52:06.0238 0x1200 PNRPAutoReg - ok 13:52:06.0248 0x1200 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:52:06.0268 0x1200 PNRPsvc - ok 13:52:06.0288 0x1200 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:52:06.0338 0x1200 PolicyAgent - 
ok 13:52:06.0348 0x1200 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 13:52:06.0394 0x1200 Power - ok 13:52:06.0402 0x1200 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:52:06.0430 0x1200 PptpMiniport - ok 13:52:06.0440 0x1200 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 13:52:06.0460 0x1200 Processor - ok 13:52:06.0470 0x1200 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 13:52:06.0492 0x1200 ProfSvc - ok 13:52:06.0492 0x1200 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe 13:52:06.0512 0x1200 ProtectedStorage - ok 13:52:06.0512 0x1200 [ C2C5F5D150605FD14FA2ABDE88DB2020, 1AE35D1FB3C48EC725013F840F7FEC09D2511D9FAE0D6902CF5BF52447A18857 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 13:52:06.0532 0x1200 psadd - ok 13:52:06.0532 0x1200 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:52:06.0572 0x1200 Psched - ok 13:52:06.0615 0x1200 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:52:06.0664 0x1200 ql2300 - ok 13:52:06.0681 0x1200 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:52:06.0696 0x1200 ql40xx - ok 13:52:06.0706 0x1200 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE 
C:\Windows\system32\qwave.dll 13:52:06.0726 0x1200 QWAVE - ok 13:52:06.0736 0x1200 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:52:06.0756 0x1200 QWAVEdrv - ok 13:52:06.0756 0x1200 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:52:06.0796 0x1200 RasAcd - ok 13:52:06.0806 0x1200 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:52:06.0847 0x1200 RasAgileVpn - ok 13:52:06.0853 0x1200 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 13:52:06.0888 0x1200 RasAuto - ok 13:52:06.0898 0x1200 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:52:06.0936 0x1200 Rasl2tp - ok 13:52:06.0948 0x1200 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 13:52:06.0990 0x1200 RasMan - ok 13:52:06.0990 0x1200 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:52:07.0036 0x1200 RasPppoe - ok 13:52:07.0042 0x1200 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:52:07.0072 0x1200 RasSstp - ok 13:52:07.0082 0x1200 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:52:07.0124 0x1200 rdbss - ok 13:52:07.0134 0x1200 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 
1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 13:52:07.0154 0x1200 rdpbus - ok 13:52:07.0154 0x1200 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:52:07.0194 0x1200 RDPCDD - ok 13:52:07.0194 0x1200 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:52:07.0237 0x1200 RDPENCDD - ok 13:52:07.0242 0x1200 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:52:07.0276 0x1200 RDPREFMP - ok 13:52:07.0286 0x1200 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:52:07.0308 0x1200 RdpVideoMiniport - ok 13:52:07.0318 0x1200 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:52:07.0338 0x1200 RDPWD - ok 13:52:07.0348 0x1200 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:52:07.0368 0x1200 rdyboost - ok 13:52:07.0368 0x1200 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:52:07.0416 0x1200 RemoteAccess - ok 13:52:07.0424 0x1200 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:52:07.0466 0x1200 RemoteRegistry - ok 13:52:07.0474 0x1200 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 
13:52:07.0496 0x1200 RFCOMM - ok 13:52:07.0503 0x1200 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:52:07.0540 0x1200 RpcEptMapper - ok 13:52:07.0544 0x1200 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 13:52:07.0562 0x1200 RpcLocator - ok 13:52:07.0570 0x1200 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 13:52:07.0620 0x1200 RpcSs - ok 13:52:07.0630 0x1200 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:52:07.0668 0x1200 rspndr - ok 13:52:07.0673 0x1200 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs C:\Windows\system32\lsass.exe 13:52:07.0690 0x1200 SamSs - ok 13:52:07.0696 0x1200 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:52:07.0712 0x1200 sbp2port - ok 13:52:07.0722 0x1200 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:52:07.0762 0x1200 SCardSvr - ok 13:52:07.0767 0x1200 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:52:07.0802 0x1200 scfilter - ok 13:52:07.0830 0x1200 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 13:52:07.0874 0x1200 Schedule - ok 13:52:07.0888 0x1200 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc 
C:\Windows\System32\certprop.dll 13:52:07.0929 0x1200 SCPolicySvc - ok 13:52:07.0938 0x1200 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:52:07.0972 0x1200 SDRSVC - ok 13:52:07.0978 0x1200 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:52:08.0003 0x1200 secdrv - ok 13:52:08.0006 0x1200 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 13:52:08.0046 0x1200 seclogon - ok 13:52:08.0051 0x1200 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 13:52:08.0088 0x1200 SENS - ok 13:52:08.0088 0x1200 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:52:08.0121 0x1200 SensrSvc - ok 13:52:08.0126 0x1200 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:52:08.0146 0x1200 Serenum - ok 13:52:08.0152 0x1200 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:52:08.0176 0x1200 Serial - ok 13:52:08.0181 0x1200 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:52:08.0203 0x1200 sermouse - ok 13:52:08.0210 0x1200 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 13:52:08.0250 0x1200 SessionEnv - ok 13:52:08.0250 0x1200 [ A554811BCD09279536440C964AE35BBF, 
DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:52:08.0275 0x1200 sffdisk - ok 13:52:08.0279 0x1200 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:52:08.0292 0x1200 sffp_mmc - ok 13:52:08.0302 0x1200 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:52:08.0322 0x1200 sffp_sd - ok 13:52:08.0322 0x1200 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:52:08.0342 0x1200 sfloppy - ok 13:52:08.0359 0x1200 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:52:08.0394 0x1200 SharedAccess - ok 13:52:08.0414 0x1200 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:52:08.0461 0x1200 ShellHWDetection - ok 13:52:08.0467 0x1200 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:52:08.0482 0x1200 SiSRaid2 - ok 13:52:08.0488 0x1200 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:52:08.0503 0x1200 SiSRaid4 - ok 13:52:08.0514 0x1200 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:52:08.0536 0x1200 SkypeUpdate - ok 13:52:08.0536 0x1200 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 
13:52:08.0576 0x1200 Smb - ok 13:52:08.0586 0x1200 [ 7956FD22F1AC83057630975D2B9AA452, ACBA47559D97B1B3FBDD7D9C7F13918EA00D63D9194642692E89E05B2D304BDE ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 13:52:08.0619 0x1200 SmbDrvI - ok 13:52:08.0627 0x1200 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:52:08.0645 0x1200 SNMPTRAP - ok 13:52:08.0648 0x1200 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 13:52:08.0658 0x1200 spldr - ok 13:52:08.0678 0x1200 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 13:52:08.0708 0x1200 Spooler - ok 13:52:08.0798 0x1200 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 13:52:08.0932 0x1200 sppsvc - ok 13:52:08.0946 0x1200 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:52:08.0984 0x1200 sppuinotify - ok 13:52:08.0999 0x1200 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 13:52:09.0022 0x1200 srv - ok 13:52:09.0042 0x1200 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:52:09.0072 0x1200 srv2 - ok 13:52:09.0082 0x1200 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 13:52:09.0102 0x1200 SrvHsfHDA - ok 13:52:09.0142 0x1200 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 
C:\Windows\system32\DRIVERS\VSTDPV6.SYS 13:52:09.0200 0x1200 SrvHsfV92 - ok 13:52:09.0223 0x1200 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 13:52:09.0257 0x1200 SrvHsfWinac - ok 13:52:09.0264 0x1200 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:52:09.0284 0x1200 srvnet - ok 13:52:09.0294 0x1200 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:52:09.0334 0x1200 SSDPSRV - ok 13:52:09.0344 0x1200 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:52:09.0382 0x1200 SstpSvc - ok 13:52:09.0403 0x1200 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 13:52:09.0434 0x1200 Steam Client Service - ok 13:52:09.0441 0x1200 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 13:52:09.0456 0x1200 stexstor - ok 13:52:09.0474 0x1200 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 13:52:09.0509 0x1200 stisvc - ok 13:52:09.0514 0x1200 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:52:09.0528 0x1200 swenum - ok 13:52:09.0544 0x1200 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 13:52:09.0593 0x1200 swprv - ok 13:52:09.0606 0x1200 [ AFB9FC97DAC435B588EACD63C3174DAA, 
FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:52:09.0646 0x1200 SynTP - ok 13:52:09.0696 0x1200 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 13:52:09.0762 0x1200 SysMain - ok 13:52:09.0768 0x1200 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:52:09.0788 0x1200 TabletInputService - ok 13:52:09.0798 0x1200 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 13:52:09.0848 0x1200 TapiSrv - ok 13:52:09.0848 0x1200 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 13:52:09.0894 0x1200 TBS - ok 13:52:09.0940 0x1200 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:52:10.0001 0x1200 Tcpip - ok 13:52:10.0052 0x1200 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:52:10.0107 0x1200 TCPIP6 - ok 13:52:10.0118 0x1200 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:52:10.0135 0x1200 tcpipreg - ok 13:52:10.0141 0x1200 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:52:10.0162 0x1200 TDPIPE - ok 13:52:10.0164 0x1200 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:52:10.0184 0x1200 TDTCP - ok 13:52:10.0184 0x1200 [ 
AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:52:10.0214 0x1200 tdx - ok 13:52:10.0224 0x1200 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:52:10.0234 0x1200 TermDD - ok 13:52:10.0254 0x1200 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 13:52:10.0294 0x1200 TermService - ok 13:52:10.0304 0x1200 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 13:52:10.0354 0x1200 Themes - ok 13:52:10.0364 0x1200 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 13:52:10.0394 0x1200 THREADORDER - ok 13:52:10.0404 0x1200 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys 13:52:10.0422 0x1200 TPM - ok 13:52:10.0429 0x1200 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 13:52:10.0466 0x1200 TrkWks - ok 13:52:10.0476 0x1200 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:52:10.0515 0x1200 TrustedInstaller - ok 13:52:10.0522 0x1200 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:52:10.0538 0x1200 tssecsrv - ok 13:52:10.0548 0x1200 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:52:10.0568 
13:52:18.0344 0x1200 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
13:52:18.0344 0x1200 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
13:52:18.0354 0x1200 Win FW state via NFP2: enabled ( trusted )
13:52:20.0758 0x1200 ============================================================
13:52:20.0758 0x1200 Scan finished
13:52:20.0758 0x1200 ============================================================
13:52:20.0758 0x0c64 Detected object count: 0
13:52:20.0758 0x0c64 Actual detected object count: 0 |
11.02.2016, 10:42 | #5 | |
/// TB Trainer | Laptop constantly under high load and freezes Hi, please note for the future: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, as our instructions are written with this in mind. This also makes it very easy to remove all the tools used at the end of the cleanup. Leave all tools on the desktop until the cleanup is finished; we may need some of them more than once. Multiple anti-virus programs Code:
ATTFilter Microsoft Security Essentials Avira Report back which anti-virus program you have chosen. My recommendation: uninstall Avira. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper |
11.02.2016, 12:56 | #6 |
| Laptop constantly under high load and freezes Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2016.02.11.02 rootkit: v2016.02.08.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18163
l e n o v o_T400 :: LENOVO_T400-PC [administrator]
11.02.2016 12:43:20
mbar-log-2016-02-11 (12-43-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 337495
Time elapsed: 10 minute(s), 40 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end) |
11.02.2016, 16:33 | #7 |
/// TB Trainer | Laptop constantly under high load and freezes Hi, scan with Combofix
|
11.02.2016, 17:11 | #8 |
| Laptop constantly under high load and freezes I removed Avira and deactivated Microsoft Essentials Security before the scan. Code:
ATTFilter
ComboFix 16-02-09.01 - l e n o v o_T400 11.02.2016 17:02:04.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1990.635 [GMT 1:00]
ausgeführt von:: c:\users\l e n o v o_T400\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\END
C:\Install.exe
c:\windows\msdownld.tmp
.
Zeit der Fertigstellung: 2016-02-11 17:10:13
ComboFix-quarantined-files.txt 2016-02-11 16:10
.
Vor Suchlauf: 13 Verzeichnis(se), 190.670.233.600 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 191.730.208.768 Bytes frei
.
- - End Of File - - |
11.02.2016, 20:58 | #9 |
/// TB-Ausbilder | Laptop constantly has high load and freezes
Hi,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please close your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
12.02.2016, 09:24 | #10 |
| Laptop constantly has high load and freezes
Code:
# AdwCleaner v5.033 - Bericht erstellt am 12/02/2016 um 09:05:17
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : l e n o v o_T400 - LENOVO_T400-PC
# Gestartet von : C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1123 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 12.02.2016
Suchlaufzeit: 09:10
Protokolldatei: MBAM log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.12.01
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: l e n o v o_T400

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348565
Abgelaufene Zeit: 4 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64
Ran by l e n o v o_T400 (Administrator) on 12.02.2016 at 9:19:13,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 12

Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\272HOOO6 (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\510WQFC2 (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JQRTWVB (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8NAT2G7B (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUPLR7DC (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HXQ7PGK0 (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HZM8OS6J (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8W4DCN5 (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9NSJL1B (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYBC7LTX (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6TWYF0 (Folder)
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YD1Z3PJQ (Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.02.2016 at 9:21:03,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (12-02-2016 09:22:18)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.)
C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited) HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec) HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.) 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.) Winlogon\Notify\ATFUS: Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.) HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1 ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
FireFox: ======== FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei] FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09] FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25] FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert] R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.) 
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert] R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-12] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-12 09:21 - 2016-02-12 09:21 - 00002210 _____ C:\Users\l e n o v o_T400\Desktop\JRT.txt 2016-02-12 09:18 - 2016-02-12 09:18 - 00001213 _____ C:\Users\l e n o v o_T400\Desktop\MBAM log.txt 2016-02-12 09:09 - 2016-02-12 09:09 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-02-12 09:09 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-02-12 09:09 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-02-12 09:05 - 2016-02-12 09:05 - 00001202 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner[C1].txt 2016-02-12 09:01 - 2016-02-12 09:08 - 00000000 ____D C:\AdwCleaner 2016-02-12 08:59 - 2016-02-12 08:59 - 22908888 _____ (Malwarebytes ) C:\Users\l e n o v o_T400\Desktop\mbam-setup-2.2.0.1024.exe 2016-02-12 08:59 - 2016-02-12 08:59 - 01609032 _____ (Malwarebytes) C:\Users\l e n o v o_T400\Desktop\JRT.exe 2016-02-12 08:59 - 2016-02-12 08:59 - 01508352 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe 2016-02-11 17:10 - 2016-02-11 17:10 - 00016844 _____ C:\ComboFix.txt 2016-02-11 17:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2016-02-11 17:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2016-02-11 17:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-02-11 17:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-02-11 17:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-02-11 17:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2016-02-11 17:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2016-02-11 17:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2016-02-11 16:53 - 2016-02-11 
17:10 - 00000000 ____D C:\Qoobox 2016-02-11 16:53 - 2016-02-11 17:08 - 00000000 ____D C:\Windows\erdnt 2016-02-11 16:52 - 2016-02-11 16:52 - 05657611 ____R (Swearware) C:\Users\l e n o v o_T400\Desktop\ComboFix.exe 2016-02-11 12:43 - 2016-02-12 09:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-02-11 12:43 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-02-11 12:43 - 2016-02-11 12:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-02-11 12:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-02-11 12:41 - 2016-02-11 12:55 - 00000000 ____D C:\Users\l e n o v o_T400\Desktop\mbar 2016-02-11 12:39 - 2016-02-11 12:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\l e n o v o_T400\Desktop\mbar-1.09.3.1001.exe 2016-02-10 13:49 - 2016-02-10 13:52 - 00412762 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.31_log.txt 2016-02-10 13:49 - 2016-02-10 13:49 - 00000490 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.16_log.txt 2016-02-10 13:46 - 2016-02-10 13:48 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\l e n o v o_T400\Desktop\tdsskiller.exe 2016-02-09 14:02 - 2016-02-09 14:03 - 00031972 _____ C:\Users\l e n o v o_T400\Desktop\Addition.txt 2016-02-09 13:54 - 2016-02-12 09:22 - 00010784 _____ C:\Users\l e n o v o_T400\Desktop\FRST.txt 2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} 2016-02-09 13:46 - 2016-02-11 13:48 - 00000000 ____D C:\Program Files (x86)\Avira 2016-02-09 13:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-09 13:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-09 13:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-09 13:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) 
C:\Windows\system32\ntdll.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-09 13:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-09 13:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-09 13:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-09 13:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-09 13:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-09 13:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-09 13:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-09 
13:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-09 13:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-09 13:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-09 13:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-09 13:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-09 13:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-09 13:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-09 13:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-09 13:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\schannel.dll 2016-02-09 13:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-09 13:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-09 13:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-09 13:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-09 13:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-09 13:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-09 13:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 
00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 
00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-09 13:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-09 13:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-09 13:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-09 13:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-09 13:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-09 13:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-09 13:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-09 13:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-09 13:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-09 13:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-09 13:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-09 13:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-09 13:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-09 13:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-09 13:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-09 13:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-02-09 13:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-02-09 13:26 - 2016-02-12 09:22 - 00000000 ____D C:\FRST 2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Desktop\FRST64.exe 2016-02-09 13:16 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-09 13:16 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-09 13:16 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-09 13:16 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-09 13:16 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-09 13:16 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-09 13:16 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-09 13:16 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-09 13:16 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-09 13:16 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-09 13:16 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-09 13:16 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9.dll 2016-02-09 13:16 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-09 13:16 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-09 13:16 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-09 13:16 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-09 13:16 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-09 13:16 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-09 13:16 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-09 13:16 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-09 13:16 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-09 13:16 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-09 13:16 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-09 13:16 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-09 13:16 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-09 13:16 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-09 13:16 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-09 13:16 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-09 13:16 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-09 13:16 - 2015-12-12 18:37 - 00047616 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-09 13:16 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-09 13:16 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-09 13:16 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-09 13:16 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-09 13:16 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-09 13:16 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-09 13:16 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-09 13:16 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-09 13:16 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-09 13:16 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-09 13:16 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-09 13:16 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-09 13:16 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-09 13:16 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-09 13:16 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-09 13:16 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-09 13:16 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-09 13:16 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-09 13:16 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-09 13:16 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-09 13:16 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-09 13:16 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-09 13:16 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-09 13:16 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-09 13:16 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-09 13:16 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-09 13:16 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-09 13:16 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-09 13:16 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-09 13:16 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-09 13:16 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-09 13:16 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-09 13:16 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-09 13:16 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-09 13:16 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-09 13:16 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-02-09 13:16 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2016-02-09 13:16 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-02-09 13:16 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\qedit.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-02-09 13:16 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-02-09 13:16 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-02-09 13:16 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-02-09 13:16 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-02-09 13:16 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2016-02-09 13:16 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-02-09 13:16 
- 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 
00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-02-09 13:16 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-02-09 13:16 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-02-09 13:16 - 2015-12-08 20:06 - 00024576 _____ (Microsoft 
Corporation) C:\Windows\system32\mfpmp.exe 2016-02-09 13:16 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-02-09 13:16 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-02-09 13:16 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-02-09 13:16 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-02-09 13:16 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-09 13:16 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-02-09 13:16 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-02-09 13:16 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-02-01 08:26 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-01 08:26 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-12 09:14 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat 2016-02-12 09:14 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat 2016-02-12 09:14 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-12 09:14 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-12 09:14 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-12 09:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-02-12 09:07 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype 2016-02-12 09:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-12 08:56 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-02-11 17:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-11 17:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-11 17:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-11 17:08 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2016-02-11 13:50 - 2015-10-23 15:42 - 00000000 ____D C:\ProgramData\Skype 2016-02-11 12:41 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-10 13:42 - 2009-07-14 05:45 - 00294656 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-10 13:40 - 2015-10-27 11:15 - 00000000 ____D C:\Program Files\Lenovo 2016-02-09 14:16 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Origin 2016-02-09 14:14 - 2015-11-25 12:58 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\DVDVideoSoft 2016-02-09 14:14 - 2015-10-29 20:49 - 00000000 ____D C:\00 Patrick 2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher 2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT 2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini Einige Dateien in TEMP: ==================== C:\Users\l e n o v o_T400\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-30 19:36 ==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016 durchgeführt von l e n o v o_T400 (2016-02-12 09:22:41) Gestartet von C:\Users\l e n o v o_T400\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled) Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled) l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400 ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version: - 11 bit studios) ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.) 
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.) Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden Final Dusk (HKLM-x32\...\Steam App 337420) (Version: - Light Echo) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: - ) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.) 
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) 
(Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) 
(HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - ) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.) 
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05BDF317-F1BE-410E-857D-889F43E3BD0D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated) Task: {241079DB-C103-4A4D-B21A-E852011677E3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618 (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe 2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-02-11 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869 FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900 FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: 
[{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 
Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: 
[{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe ==================== Wiederherstellungspunkte ========================= 09-02-2016 15:37:40 Windows Update 11-02-2016 12:39:33 Removed Avira Browser Safety 12-02-2016 09:19:14 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/12/2016 09:08:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/12/2016 08:58:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2016 04:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2016 01:50:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2016 12:36:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2016 01:42:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/10/2016 01:41:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 01:14:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 10:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/01/2016 08:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (02/12/2016 09:22:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:20:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:18:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:16:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:14:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:12:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:10:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/12/2016 09:08:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. 
Error: (02/12/2016 09:06:28 AM) (Source: TPM) (EventID: 15) (User: ) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten. Error: (02/12/2016 09:06:28 AM) (Source: TPM) (EventID: 2) (User: ) Description: Fehler des TPM-Selbsttestbefehls. CodeIntegrity: =================================== Date: 2016-02-11 17:06:24.119 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-02-11 17:06:24.081 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 68% Installierter physikalischer RAM: 1990.02 MB Verfügbarer physikalischer RAM: 630.27 MB Summe virtueller Speicher: 4976.02 MB Verfügbarer virtueller Speicher: 3230.57 MB ==================== Laufwerke ================================ Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:178.46 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
12.02.2016, 21:59 | #11 |
/// TB-Ausbilder | Laptop constantly has high load and freezes
Hi, we'll remove the last remnants and check everything once more.
Note: The scan with ESET can take a while.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
13.02.2016, 11:17 | #12 |
| Laptop constantly has high load and freezes
In HitManPro I click on "Save log file" but nothing happens. At the moment I have a load of 50% although only Firefox with this window here and Skype are open, which seems a bit high to me. Or is that perhaps even normal for laptops? Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-13 08:11:35) Run:1
Gestartet von C:\Users\l e n o v o_T400\Desktop
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowCpl => Wert erfolgreich entfernt
"HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
========= RemoveProxy: =========
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========
EmptyTemp: => 468.2 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 08:11:52 ====
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# end=init
# utc_time=2016-02-13 07:28:14
# local_time=2016-02-13 08:28:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28108
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# end=updated
# utc_time=2016-02-13 07:31:26
# local_time=2016-02-13 08:31:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# engine=28108
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-13 08:01:02
# local_time=2016-02-13 09:01:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 9407637 149531672 0 0
# scanned=192356
# found=0
# cleaned=0
# scan_time=1776
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (13-02-2016 11:03:15) Gestartet von C:\Users\l e n o v o_T400\Desktop Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () C:\Windows\System32\DTS.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (AuthenTec, Inc.) C:\Windows\System32\ATService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Valve Corporation) C:\00 Patrick\Steam\Steam.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (SurfRight B.V.) C:\Users\l e n o v o_T400\Desktop\HitmanPro_x64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\ATFUS:
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

FireFox:
========
FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25]
FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert]
R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert]
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-02-13] ()
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-13 11:00 - 2016-02-13 11:00 - 00049584 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-02-13 08:28 - 2016-02-13 08:28 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-13 08:27 - 2016-02-13 08:27 - 02870984 _____ (ESET) C:\Users\l e n o v o_T400\Desktop\esetsmartinstaller_deu.exe
2016-02-13 08:17 - 2016-02-13 08:22 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-13 08:17 - 2016-02-13 08:17 - 11443792 _____ (SurfRight B.V.) C:\Users\l e n o v o_T400\Desktop\HitmanPro_x64.exe
2016-02-13 08:11 - 2016-02-13 08:11 - 00001974 _____ C:\Users\l e n o v o_T400\Desktop\Fixlog.txt
2016-02-12 09:21 - 2016-02-12 09:21 - 00002210 _____ C:\Users\l e n o v o_T400\Desktop\JRT.txt
2016-02-12 09:18 - 2016-02-12 09:18 - 00001213 _____ C:\Users\l e n o v o_T400\Desktop\MBAM log.txt
2016-02-12 09:09 - 2016-02-12 09:09 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-12 09:09 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-12 09:09 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-12 09:05 - 2016-02-12 09:05 - 00001202 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner[C1].txt
2016-02-12 09:01 - 2016-02-12 09:08 - 00000000 ____D C:\AdwCleaner
2016-02-12 08:59 - 2016-02-12 08:59 - 22908888 _____ (Malwarebytes ) C:\Users\l e n o v o_T400\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01609032 _____ (Malwarebytes) C:\Users\l e n o v o_T400\Desktop\JRT.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01508352 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe
2016-02-11 17:10 - 2016-02-11 17:10 - 00016844 _____ C:\ComboFix.txt
2016-02-11 17:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-11 17:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-11 17:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-11 17:00 - 
2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-11 16:53 - 2016-02-11 17:10 - 00000000 ____D C:\Qoobox
2016-02-11 16:53 - 2016-02-11 17:08 - 00000000 ____D C:\Windows\erdnt
2016-02-11 16:52 - 2016-02-11 16:52 - 05657611 ____R (Swearware) C:\Users\l e n o v o_T400\Desktop\ComboFix.exe
2016-02-11 12:43 - 2016-02-13 09:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-11 12:43 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-11 12:43 - 2016-02-11 12:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-11 12:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-11 12:41 - 2016-02-11 12:55 - 00000000 ____D C:\Users\l e n o v o_T400\Desktop\mbar
2016-02-11 12:39 - 2016-02-11 12:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\l e n o v o_T400\Desktop\mbar-1.09.3.1001.exe
2016-02-10 13:49 - 2016-02-10 13:52 - 00412762 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.31_log.txt
2016-02-10 13:49 - 2016-02-10 13:49 - 00000490 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.16_log.txt
2016-02-10 13:46 - 2016-02-10 13:48 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\l e n o v o_T400\Desktop\tdsskiller.exe
2016-02-09 14:02 - 2016-02-12 09:22 - 00029078 _____ C:\Users\l e n o v o_T400\Desktop\Addition.txt
2016-02-09 13:54 - 2016-02-13 11:03 - 00011853 _____ C:\Users\l e n o v o_T400\Desktop\FRST.txt
2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954}
2016-02-09 13:46 - 2016-02-11 13:48 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-09 13:26 - 2016-02-13 11:03 - 00000000 ____D C:\FRST
2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Desktop\FRST64.exe
2016-02-09 13:16 - 2015-12-08 20:07 - 
00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-02-09 13:16 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-02-09 13:16 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-02-09 13:16 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-02-09 13:16 - 2015-12-08 20:06 - 00250880 _____ (Microsoft 
Corporation) C:\Windows\system32\ksproxy.ax 2016-02-09 13:16 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-02-09 13:16 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-02-09 13:16 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-02-09 13:16 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-02-09 13:16 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-02-09 13:16 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-09 13:16 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-02-09 13:16 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-02-09 13:16 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-02-01 08:26 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-01 08:26 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-13 11:03 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype
2016-02-13 10:59 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-13 09:06 - 2016-01-07 00:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-13 08:26 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-13 08:26 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-13 08:19 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2016-02-13 08:19 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2016-02-13 08:19 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 08:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-13 08:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 17:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-11 17:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-11 17:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-11 17:08 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-11 13:50 - 2015-10-23 15:42 - 00000000 ____D C:\ProgramData\Skype
2016-02-11 12:41 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-10 13:42 - 2009-07-14 05:45 - 00294656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 13:40 - 2015-10-27 11:15 - 00000000 ____D C:\Program Files\Lenovo
2016-02-09 14:16 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Origin
2016-02-09 14:14 - 2015-11-25 12:58 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\DVDVideoSoft
2016-02-09 14:14 - 2015-10-29 20:49 - 00000000 ____D C:\00 Patrick
2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-30 19:36

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-13 11:03:52)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled)
Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled)
l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version: - 11 bit studios)
ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Final Dusk (HKLM-x32\...\Steam App 337420) (Version: - Light Echo)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Outland (HKLM-x32\...\Steam App 305050) (Version: - Housemarque)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09093292-B941-4E1E-BB80-B50A0F011D99} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)
Task: {CDB63A93-539B-488F-8375-CF3C07B4B8D3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe
2008-12-20 03:20 - 2015-10-27 11:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-04 23:33 - 2012-05-04 23:33 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-10-29 21:03 - 2015-12-15 06:54 - 00782336 _____ () C:\00 Patrick\Steam\SDL2.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 04962816 _____ () C:\00 Patrick\Steam\v8.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01556992 _____ () C:\00 Patrick\Steam\icui18n.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01187840 _____ () C:\00 Patrick\Steam\icuuc.dll
2015-10-29 21:03 - 2016-02-04 22:02 - 02546768 _____ () C:\00 Patrick\Steam\video.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 02549248 _____ () C:\00 Patrick\Steam\libavcodec-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00442880 _____ () C:\00 Patrick\Steam\libavutil-54.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00491008 _____ () C:\00 Patrick\Steam\libavformat-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00332800 _____ () C:\00 Patrick\Steam\libavresample-2.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00485888 _____ () C:\00 Patrick\Steam\libswscale-3.dll
2015-10-29 21:03 - 2016-02-04 22:01 - 00802896 _____ () C:\00 Patrick\Steam\bin\chromehtml.DLL
2015-10-29 21:02 - 2015-12-30 02:51 - 00208896 _____ () C:\00 Patrick\Steam\bin\openvr_api.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-10-29 21:03 - 2016-01-06 02:52 - 48387872 _____ () C:\00 Patrick\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-11 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869
FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900
FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe

==================== Wiederherstellungspunkte =========================

09-02-2016 15:37:40 Windows Update
11-02-2016 12:39:33 Removed Avira Browser Safety
12-02-2016 09:19:14 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/13/2016 08:29:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/13/2016 08:28:07 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (02/13/2016 08:28:04 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/13/2016 08:28:04 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/13/2016 08:27:54 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/13/2016 08:27:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (02/13/2016 08:14:43 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/13/2016 08:09:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/12/2016 09:08:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/12/2016 08:58:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (02/13/2016 11:03:15 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/13/2016 11:01:15 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/13/2016 10:59:18 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. 
Error: (02/13/2016 10:59:17 AM) (Source: TPM) (EventID: 15) (User: ) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten. Error: (02/13/2016 10:59:17 AM) (Source: TPM) (EventID: 2) (User: ) Description: Fehler des TPM-Selbsttestbefehls. Error: (02/13/2016 09:07:26 AM) (Source: TPM) (EventID: 12) (User: ) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein Fehler in der TPM-Hardware aufgetreten, der dazu führen kann, dass einige Anwendungen, die TPM-Dienste verwenden, nicht ordnungsgemäß ausgeführt werden. Starten Sie den Computer neu, um die TPM-Hardware zurückzusetzen. Wenn Sie weitere Unterstützung benötigen, wenden Sie sich an den Computerhersteller, um weitere Informationen zu erhalten. Error: (02/13/2016 09:07:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/13/2016 09:05:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/13/2016 09:03:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. Error: (02/13/2016 09:01:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten von TBS. Fehlercode: 0x8028001c. CodeIntegrity: =================================== Date: 2016-02-11 17:06:24.119 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-02-11 17:06:24.081 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Prozentuale Nutzung des RAM: 77% Installierter physikalischer RAM: 1990.02 MB Verfügbarer physikalischer RAM: 456.09 MB Summe virtueller Speicher: 4976.02 MB Verfügbarer virtueller Speicher: 2483.13 MB ==================== Laufwerke ================================ Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:177.85 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Edited by Senkay (13.02.2016 at 11:22) |
13.02.2016, 21:45 | #13 |
/// TB-Ausbilder | Laptop constantly under high load and freezes I don't see any malware that could be responsible for your problem. Please read: PC keeps getting slower - what to do? If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC. Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left over now, you can delete them without hesitation. Securing: On the Windows operating system, enable automatic updates. Security-relevant software should also always be kept at the latest version only: browser, Java, Flash Player, PDF reader. Vulnerabilities in their old versions are exploited to install malware by "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET. Optional: Adblock Plus: can block banners, pop-ups, video ads, tracking and malware sites. NoScript: prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on a whitelist basis which sites scripts should be allowed on. Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities. Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner. Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
14.02.2016, 13:05 | #14 |
| Laptop constantly under high load and freezes Shortly after the restart the laptop switched itself off and I can no longer start it. No light is on any more either, e.g. the one that shows it is charging. It isn't hot either. The problem has resolved itself. It was the battery. I took it out briefly, put it back in, and it boots again. As far as I can see, everything seems to be fine. The load still confuses me, but it hasn't frozen again so far. |
14.02.2016, 20:36 | #15 |
/// TB-Ausbilder | Laptop constantly under high load and freezes Then it is probably a hardware problem, not malware. I'm glad we could help. In this forum you can leave brief feedback on the cleanup if you like: Praise, Criticism and Wishes. To do so, click the "NEW THREAD" button and post a short piece of feedback. Thank you very much! This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM. Everyone else, please click here and create your own thread. |