Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.10.2015, 15:09   #1
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Icon17

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Liebes Team von Trojaner-Board,

ich wende mich heute an euch, da ich leider nicht mehr weiter weiß. Seit einiger Zeit wird mein Laptop (Lenovo B570; Intel Core i3 2310M, 2,1GHz, 4GB RAM, 500GB HDD, Intel HD 3000, DVD, Win 7 HP) immer langsamer und die Lüftung dreht quasi durch. Besonders häufig treten lags beim surfen im Netz auf: Facebook, youtube, diverse Onlineshops etc.
Ich habe schon bemerkt, dass die CPU oftmals in die Höhe schießt und hatte Firefox als Auslöser ausgemacht. Nach dem Deinstallieren und dem Wechsel zu Chrome ist es zwar ein bisschen besser geworden, aber der Laptop kehrt noch nicht zur alten Qualität zurück.
Auch ein Virenscan mit Antivir hat nichts zu Tage gefördert. Was kann ich als Laie (und was Computer angeht bin ich wohl eher eine hohle Nuss) noch unternehmen um der Sache auf den Grund zu gehen.

Beste Grüße, lillisam

Alt 24.10.2015, 16:24   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hi, wir können ja mal nachschauen ob Malware vorhanden ist.



Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 24.10.2015, 17:28   #3
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hallo Jürgen,

danke für die schnelle Antwort. Hier mal die geforderten Logfiles:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-10-2015
durchgeführt von Lisa (Administrator) auf LISA-PC (24-10-2015 18:01:02)
Gestartet von C:\Users\Lisa\Downloads
Geladene Profile: Lisa (Verfügbare Profile: Lisa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Egis Technology Inc. ) C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-08-24] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-08-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-08-24] (Lenovo)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2861600 2014-03-18] (Mister Group)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [383344 2010-12-14] (Egis Technology Inc. )
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [SOS_Agent] => "C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe" -agent
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => "C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe"
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A80EC356-7488-42E8-949A-ABD8CC413FEF}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-183688101-383788575-4159485337-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-183688101-383788575-4159485337-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-183688101-383788575-4159485337-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-183688101-383788575-4159485337-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-183688101-383788575-4159485337-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-24] (Oracle Corporation)
BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll [2010-12-14] (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-24] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-24] (Oracle Corporation)
BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll [2010-12-14] (Egis Technology Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-24] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-183688101-383788575-4159485337-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\kuqtb5ci.default-1408529912751
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-23] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\windows\system32\npDeployJava1.dll [2013-09-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-04-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\cgpcfg.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\CgpCore.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\confmgr.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\ctxlogging.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\ctxmui.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\icafile.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\icalogon.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\msvcm80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\msvcp80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\msvcr80.dll [2007-03-16] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\npicaN.dll [2009-08-14] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\sslsdk_b.dll [2009-08-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lisa\AppData\Roaming\mozilla\plugins\TcpPServ.dll [2009-08-14] (Citrix Systems, Inc.)
FF Extension: YouTube Unblocker - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\kuqtb5ci.default-1408529912751\Extensions\youtubeunblocker__web@unblocker.yt [2015-09-17]
FF Extension: FTPShield - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\kuqtb5ci.default-1408529912751\Extensions\{1465f950-ffd1-456a-8dfa-20687301717e}.xpi [2015-09-19] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\kuqtb5ci.default-1408529912751\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-03] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\EgisTec BioExcess\FFExt
FF Extension:  Online Accounts Extension  - C:\Program Files (x86)\EgisTec BioExcess\FFExt [2011-08-24] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll => Keine Datei
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => Keine Datei
CHR Profile: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Adblock Plus) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-04]
CHR Extension: (Google-Suche) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Skype Click to Call) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-17]
CHR Extension: (Google Mail) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-02-15] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-08] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-27] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
U3 BcmSqlStartupSvc; kein ImagePath
U2 CLKMSVC10_3A60B698; kein ImagePath
U2 CLKMSVC10_C3B3B687; kein ImagePath
U2 DriverService; kein ImagePath
U2 IAStorDataMgrSvc; kein ImagePath
U2 iATAgentService; kein ImagePath
U2 idealife Update Service; kein ImagePath
U3 IGRS; kein ImagePath
U2 IviRegMgr; kein ImagePath
U2 nvUpdatusService; kein ImagePath
U2 Oasis2Service; kein ImagePath
U2 PCCarerService; kein ImagePath
U2 ReadyComm.DirectRouter; kein ImagePath
U2 RichVideo; kein ImagePath
U2 RtLedService; kein ImagePath
U2 SeaPort; kein ImagePath
U2 SoftwareService; kein ImagePath
U3 SQLWriter; kein ImagePath
U2 Stereo Service; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-24 18:01 - 2015-10-24 18:01 - 00026393 _____ C:\Users\Lisa\Downloads\FRST.txt
2015-10-24 18:00 - 2015-10-24 18:01 - 00000000 ____D C:\FRST
2015-10-24 18:00 - 2015-10-24 18:00 - 02196480 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2015-10-24 16:28 - 2015-10-24 16:28 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-24 16:28 - 2015-10-24 16:28 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-24 16:28 - 2015-10-24 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 16:26 - 2015-10-24 16:26 - 00243888 _____ C:\Users\Lisa\Downloads\Firefox Setup Stub 41.0.2.exe
2015-10-23 20:02 - 2015-10-23 20:02 - 428024911 _____ C:\windows\MEMORY.DMP
2015-10-23 20:02 - 2015-10-23 20:02 - 00280392 _____ C:\windows\Minidump\102315-21996-01.dmp
2015-10-19 22:20 - 2015-10-23 19:06 - 00000000 ____D C:\Users\Lisa\Desktop\filofax
2015-10-17 16:51 - 2015-10-17 16:51 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-16 00:20 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-16 00:20 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-16 00:20 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-16 00:20 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-16 00:20 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-16 00:20 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-16 00:20 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-14 18:40 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-10-14 18:40 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-10-14 18:40 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-10-14 18:40 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-10-14 18:40 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-10-14 18:40 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-10-14 18:40 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-10-14 18:40 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-10-14 18:40 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-10-14 18:40 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-10-14 18:40 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-10-14 18:40 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-10-14 18:40 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-10-14 18:40 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-10-14 18:40 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-10-14 18:40 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-10-14 18:40 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-10-14 18:40 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-10-14 18:40 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-10-14 18:40 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-10-14 18:40 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-10-14 18:40 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-10-14 18:40 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 18:40 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-10-14 18:40 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-10-14 18:40 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-10-14 18:40 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-10-14 18:40 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-10-14 18:40 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-10-14 18:40 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-10-14 18:40 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-10-14 18:40 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-10-14 18:40 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-10-14 18:40 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-10-14 18:40 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-10-14 18:40 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-10-14 18:40 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-10-14 18:40 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-10-14 18:40 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-10-14 18:40 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-10-14 18:40 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-10-14 18:40 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-10-14 18:40 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-10-14 18:40 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-10-14 18:40 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-10-14 18:40 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-10-14 18:40 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-10-14 18:40 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-10-14 18:40 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 18:40 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-10-14 18:40 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-10-14 18:40 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-10-14 18:40 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-10-14 18:40 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-10-14 18:40 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-10-14 18:40 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-10-14 18:40 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-10-14 18:40 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-10-14 18:40 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-10-14 18:40 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-10-14 18:40 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-10-14 18:40 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-10-14 18:40 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-10-14 18:40 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-10-14 18:38 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-10-14 18:38 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2015-10-14 18:38 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-10-14 18:38 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-10-14 18:34 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-10-14 18:34 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-10-14 18:34 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-10-14 18:34 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-10-14 18:34 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-10-14 18:34 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-10-14 18:34 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-10-14 18:34 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-10-14 18:34 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-10-14 18:34 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-10-14 18:33 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-10-14 18:33 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-10-14 18:33 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-10-14 18:33 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-10-14 18:33 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-10-14 18:33 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-10-14 18:33 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-10-14 18:33 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-10-14 18:33 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-10-14 18:33 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-10-14 18:33 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-10-14 18:33 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-10-14 18:33 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-10-14 18:33 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-10-14 18:33 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-10-14 18:33 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-10-14 18:33 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-10-14 18:33 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-10-14 18:33 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-10-14 18:33 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-10-14 18:33 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-10-14 18:33 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-10-14 18:33 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-10-14 18:33 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-10-14 18:33 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-10-14 18:33 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-10-14 18:33 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-10-14 18:33 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-10-14 18:33 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-10-14 18:33 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-10-14 18:33 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-10-14 18:33 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-10-14 18:33 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-10-14 18:33 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-10-14 18:33 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-10-14 18:33 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-10-14 18:33 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-10-14 18:33 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 18:33 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 18:33 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-10-14 18:33 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-10-14 18:33 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-10-14 18:33 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-10-14 18:33 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-10-14 18:33 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-10-14 18:33 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-10-14 18:33 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-10-14 18:33 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-10-14 18:33 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-10-14 18:33 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-10-14 18:33 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-10-14 18:33 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-10-13 18:29 - 2015-10-24 12:18 - 00003758 _____ C:\windows\System32\Tasks\AutoKMS
2015-10-07 16:23 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-10-07 16:23 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-10-07 16:23 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-10-07 16:23 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-10-07 16:23 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-10-07 16:23 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-10-07 16:23 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-10-06 19:07 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-10-06 19:07 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-10-06 19:07 - 2015-06-03 22:17 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-10-06 19:06 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-10-04 17:14 - 2015-10-05 16:03 - 00157462 _____ C:\windows\PFRO.log
2015-10-04 16:36 - 2015-10-05 00:06 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-04 16:35 - 2015-10-04 16:35 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-04 16:35 - 2015-10-04 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-04 16:35 - 2015-10-04 16:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-04 16:35 - 2015-10-04 16:35 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-10-04 16:35 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-10-04 16:35 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-10-04 16:35 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-10-04 13:55 - 2015-10-04 13:55 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-04 13:41 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2015-10-04 13:41 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-10-04 13:41 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-10-04 13:41 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2015-10-04 13:41 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2015-10-04 13:41 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2015-10-04 13:41 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2015-10-04 13:41 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2015-10-04 13:41 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2015-10-04 13:41 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2015-10-04 13:21 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2015-10-04 13:21 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys
2015-10-04 13:21 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll
2015-10-04 13:21 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll
2015-10-04 13:17 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2015-10-04 13:17 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-10-04 13:11 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-04 13:11 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-01 13:07 - 2015-10-24 16:32 - 00003472 _____ C:\windows\setupact.log
2015-10-01 13:07 - 2015-10-01 13:07 - 00000000 _____ C:\windows\setuperr.log
2015-10-01 00:41 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2015-10-01 00:41 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2015-10-01 00:41 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2015-10-01 00:41 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2015-10-01 00:41 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-10-01 00:41 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-10-01 00:41 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-10-01 00:41 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-10-01 00:40 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-10-01 00:40 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-10-01 00:40 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-10-01 00:40 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2015-10-01 00:40 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2015-09-28 11:38 - 2015-09-30 16:23 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Steganos
2015-09-28 11:38 - 2015-09-30 16:21 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Steganos VPN
2015-09-28 11:37 - 2015-09-30 16:24 - 00000000 ____D C:\Program Files (x86)\Steganos Online Shield

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-24 17:40 - 2015-06-21 20:31 - 00001220 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001UA.job
2015-10-24 17:22 - 2011-08-24 12:51 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-24 16:28 - 2015-06-03 16:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-24 14:22 - 2011-08-24 12:51 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-24 12:42 - 2011-08-24 12:00 - 01979012 _____ C:\windows\WindowsUpdate.log
2015-10-24 12:23 - 2009-07-14 06:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-24 12:23 - 2009-07-14 06:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-24 12:19 - 2011-12-12 22:49 - 00000000 ___RD C:\Users\Lisa\Dropbox
2015-10-24 12:18 - 2011-12-12 22:46 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Dropbox
2015-10-24 12:18 - 2011-08-24 12:55 - 01110345 _____ C:\windows\system32\fastboot.set
2015-10-24 11:58 - 2011-08-19 00:07 - 00699682 _____ C:\windows\system32\perfh007.dat
2015-10-24 11:58 - 2011-08-19 00:07 - 00149790 _____ C:\windows\system32\perfc007.dat
2015-10-24 11:58 - 2009-07-14 07:13 - 01620684 _____ C:\windows\system32\PerfStringBackup.INI
2015-10-24 11:53 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-10-24 03:16 - 2011-11-18 21:25 - 01594964 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2015-10-23 20:05 - 2012-11-01 17:08 - 00000000 ____D C:\Users\Lisa\Rezepte
2015-10-23 20:04 - 2012-07-11 10:13 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-23 20:04 - 2011-11-21 01:21 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-23 20:02 - 2012-09-11 13:33 - 00000000 ____D C:\windows\Minidump
2015-10-23 14:58 - 2015-06-21 20:31 - 00001168 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001Core.job
2015-10-23 10:12 - 2013-03-06 03:05 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-19 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-10-19 01:08 - 2015-09-20 17:29 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-19 01:08 - 2015-09-20 17:29 - 00000000 ____D C:\windows\system32\appraiser
2015-10-18 12:31 - 2014-03-30 13:46 - 00000000 ____D C:\windows\system32\MRT
2015-10-18 12:15 - 2012-03-20 17:40 - 143481208 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-10-18 12:14 - 2014-12-21 20:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-18 12:14 - 2011-11-18 21:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-18 12:08 - 2009-07-14 04:34 - 00000502 _____ C:\windows\win.ini
2015-10-14 17:51 - 2011-11-20 21:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-13 18:29 - 2014-08-15 18:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 18:29 - 2012-10-16 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-10 00:36 - 2015-09-20 13:20 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-10-10 00:36 - 2015-09-20 13:20 - 00000000 ___SD C:\windows\system32\GWX
2015-10-08 13:45 - 2011-11-18 21:12 - 00000000 ____D C:\Users\Lisa
2015-10-08 13:43 - 2012-11-01 17:11 - 00000000 ___RD C:\Users\Lisa\Desktop\Uni Köln
2015-10-08 13:41 - 2012-08-24 23:13 - 00102912 ___SH C:\Users\Lisa\Thumbs.db
2015-10-04 17:15 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-04 17:11 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-10-04 13:26 - 2011-08-24 12:11 - 00000000 ____D C:\Program Files (x86)\Intel
2015-10-04 12:46 - 2011-08-24 12:39 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-10-04 12:40 - 2012-10-27 15:00 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-10-04 12:40 - 2012-10-27 14:59 - 00000000 ____D C:\ProgramData\Cisco
2015-10-01 00:48 - 2011-11-21 17:41 - 00000000 ___RD C:\Users\Lisa\Desktop\Eigene Musik
2015-09-30 22:20 - 2014-09-03 14:35 - 00000000 ____D C:\Users\Lisa\Basteln
2015-09-29 20:32 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2015-09-27 20:48 - 2011-11-18 21:15 - 00000000 ____D C:\Users\Lisa\AppData\Local\Google
2015-09-27 15:48 - 2013-05-07 16:24 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-09-27 15:48 - 2013-03-20 11:53 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-15 19:09 - 2013-06-16 01:27 - 0004608 _____ () C:\Users\Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-30 01:08 - 2015-09-20 13:53 - 0007593 _____ () C:\Users\Lisa\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpucfc9c.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 17:53

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-10-2015
durchgeführt von Lisa (2015-10-24 18:02:17)
Gestartet von C:\Users\Lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-18 19:12:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-183688101-383788575-4159485337-500 - Administrator - Disabled)
fbwuser42F4 (S-1-5-21-183688101-383788575-4159485337-1005 - Limited - Enabled)
fbwuser9FE8 (S-1-5-21-183688101-383788575-4159485337-1003 - Limited - Enabled)
fbwuserD868 (S-1-5-21-183688101-383788575-4159485337-1004 - Limited - Enabled)
Gast (S-1-5-21-183688101-383788575-4159485337-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-183688101-383788575-4159485337-1002 - Limited - Enabled)
Lisa (S-1-5-21-183688101-383788575-4159485337-1001 - Administrator - Enabled) => C:\Users\Lisa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\Amazon Kindle) (Version:  - Amazon)
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
BioExcess (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.67.0 - Egis Technology Inc.)
BioExcess (Version: 7.0.67.0 - Egis Technology Inc.) Hidden
BioExcess (x32 Version: 7.0.67.0 - Egis Technology Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Citrix XenApp Web Plugin (HKLM-x32\...\{C0B165DC-F037-483F-B1C9-D89D91529CEB}) (Version: 11.0.150.5357 - Citrix Systems, Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3623 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
DVDStyler v2.5.2 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.10.4 - Egis Technology Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo)
Energy Management (x32 Version: 6.0.2.1 - Lenovo) Hidden
ES603 WDM Driver (x32 Version: 3.0.10.4 - Egis Technology Inc.) Hidden
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free MP4 Video Converter version 5.0.25.610 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.25.610 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.3.610 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.3.610 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.11.0209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}) (Version: 2.0.11.0 - Lenovo)
Lenovo Security Suite (x32 Version: 2.0.11.0 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Port Locker (HKLM-x32\...\InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.)
Port Locker (Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Port Locker (x32 Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
System Explorer 4.7.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XP Codec Pack (HKLM-x32\...\XP Codec Pack) (Version: 2.5.7 - XP Codec Pack team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-183688101-383788575-4159485337-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

10-10-2015 00:35:09 Windows Update
18-10-2015 11:43:12 Windows Update
24-10-2015 03:14:03 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BC3C36C-030C-4D19-844A-4DB18C485240} - System32\Tasks\{0B343C43-5C2D-43E7-980C-BAF469CD3C70} => C:\Users\Lisa\AppData\Local\Amazon\Kindle\application\Kindle.exe [2012-12-04] (Amazon.com)
Task: {19D61668-D321-4FA4-9A63-119E10CB8000} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {32F65C4B-E5AC-496C-A115-0263C6695699} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {34C7BEA7-2C23-4AA8-A67D-9729F294B98E} - System32\Tasks\{3D3BEE55-C59B-4F07-9F43-91C691FBDE86} => C:\Users\Lisa\AppData\Local\Amazon\Kindle\application\Kindle.exe [2012-12-04] (Amazon.com)
Task: {46B7A3BC-6F72-43FC-AB9C-59FDC688FE32} - System32\Tasks\{E51A522C-89DB-4AD5-AD08-C6D93183EEFB} => pcalua.exe -a C:\Users\Lisa\Downloads\AudioBookConverter_018_Setup.exe -d C:\Users\Lisa\Downloads
Task: {5150ABAE-5614-4B43-AA8F-96303B565D21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {59431150-962E-48FA-8F37-DE378EDBAC65} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-24] (CyberLink)
Task: {6DD0E5D9-EACC-4E9B-9A61-4E18D7F53DC0} - System32\Tasks\{E5635BFB-822B-4E36-8A75-F96747A49237} => pcalua.exe -a C:\Users\Lisa\Downloads\Sunbird_Setup_1.0_Beta_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7FECAAB0-E02A-4A92-A508-B666CFDCA31A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001Core => C:\Users\Lisa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {915063AE-8747-4D64-A1C1-92BC8F94E779} - System32\Tasks\{CD87401F-63FF-495B-BD63-7691A114976D} => C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
Task: {A7260CC0-6894-4E3E-AE8C-5B23F09B1849} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BF901E49-5A45-4C20-9A61-A92CEA2BABF4} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-12-21] ()
Task: {E556239E-F0A0-40AA-8548-513857499390} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001UA => C:\Users\Lisa\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {EDB19AFB-67AD-4B72-B3FF-A9AFC838DE75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {F03A900C-841E-40DE-AC60-B24712150123} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001Core.job => C:\Users\Lisa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-183688101-383788575-4159485337-1001UA.job => C:\Users\Lisa\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2009-01-21 18:45 - 2009-01-21 18:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec BioExcess\x64\LIBEAY32.dll
2011-12-05 19:23 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2008-12-20 05:20 - 2011-08-24 12:53 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2011-08-24 12:53 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-04-15 07:28 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-08-19 19:10 - 2015-08-19 19:10 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-24 12:18 - 2015-10-24 12:18 - 00071168 _____ () c:\users\lisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpucfc9c.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 10:58 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\Lisa\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Lisa\Desktop\filofax:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

IE trusted site: HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\internet -> internet
IE trusted site: HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-183688101-383788575-4159485337-1001\...\mcafee.com -> hxxps://mcafee.com

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-183688101-383788575-4159485337-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lisa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lisa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Lisa\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PLTSR => "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SOS_Agent => "C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe" -agent
MSCONFIG\startupreg: Spotify => "C:\Users\Lisa\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lisa\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: UpdateP2GShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{64078CE7-36CD-48F5-827C-8CF60805465B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F71D4C5C-1436-424D-8E5D-B34A856A32DC}] => (Allow) LPort=2869
FirewallRules: [{CE283CD0-68C6-4346-8C5A-D955ED1F6494}] => (Allow) LPort=1900
FirewallRules: [{9500822E-9F88-4960-9452-B9EE4C5266CC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4456A87E-410E-4E9A-8E10-5EABD17E2A30}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C94D9ED6-0A15-41A8-88D5-2A1A0AF24C99}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92B32C7D-3167-495C-AC4D-1335F0B57B6C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{39F1D228-5022-4CDD-9986-92C82EAD83E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B4B4B539-0D7B-4754-8C88-EA2C9B142B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A75A59D5-C359-4D05-A576-3E347B0EE4B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7CAEF7B8-0285-478C-8F9B-366F5D3496D2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B6B03F14-D8D1-4EA9-8B38-ABEAF38ABC00}] => (Allow) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A5176C95-8B4C-4A29-856B-1669A0A313B2}] => (Allow) C:\Users\Lisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{FC4F20F6-538A-40CD-BA55-DFCFF3C8F3F7}C:\users\lisa\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lisa\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BD119390-038B-47CB-98F2-FBA041BC758B}C:\users\lisa\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\lisa\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{D1129C60-1BBA-45F9-838B-14BB473D37DC}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F9B57001-A59E-45B0-864E-202696DF0F90}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DE8FA572-781D-4102-9F18-DE3A22D3CC99}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{667B2014-E67A-4BA5-B256-55A8722B0757}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4CD01CB0-84AB-43A0-9676-F298057D763C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{4BDE1C41-E212-4393-896F-168384370A96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8C8D4EF5-CB1C-4563-B3DC-1FFFC6FE1DB0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B0E6800E-B2E1-49E5-9F1B-084D6A3AC660}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F256ED23-FC45-4837-AFC7-1E222BE00800}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8F8DAAAC-B0EB-474B-BD3B-F06216DC1B33}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B247A9CC-1745-4F4E-9152-BB1CCDB0A14B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{041968BB-6417-4721-9D03-735A04AC0DC0}] => (Allow) C:\Users\Lisa\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
FirewallRules: [{46B68AA8-8E31-4072-925E-9696B3C52770}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{377405A1-CEC7-4698-91DE-41BB5E84BC9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B3EBDBD-3444-4871-BCC6-13984B50D54B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom Bluetooth 2.1 USB
Description: Broadcom Bluetooth 2.1 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/24/2015 11:54:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2015 08:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EgisTSR.exe, Version: 7.0.43.0, Zeitstempel: 0x4d064023
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025e37
ID des fehlerhaften Prozesses: 0xde0
Startzeit der fehlerhaften Anwendung: 0xEgisTSR.exe0
Pfad der fehlerhaften Anwendung: EgisTSR.exe1
Pfad des fehlerhaften Moduls: EgisTSR.exe2
Berichtskennung: EgisTSR.exe3

Error: (10/23/2015 08:03:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2015 11:07:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

Error: (10/23/2015 11:07:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1061

Error: (10/23/2015 11:07:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2015 01:58:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

Error: (10/23/2015 01:58:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7067

Error: (10/23/2015 01:58:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2015 01:58:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6069


Systemfehler:
=============
Error: (10/23/2015 08:08:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/23/2015 08:04:02 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (10/23/2015 08:02:29 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff800039a2c08, 0xfffff88009ac38d8, 0xfffff88009ac3130)C:\windows\MEMORY.DMP102315-21996-01

Error: (10/23/2015 08:02:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎23.‎10.‎2015 um 20:01:07 unerwartet heruntergefahren.

Error: (10/19/2015 01:10:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (10/17/2015 02:05:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst EgisTec Service erreicht.

Error: (10/13/2015 11:21:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/13/2015 07:19:40 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{A80EC356-7488-42E8-949A-ABD8CC413FEF}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (10/13/2015 06:27:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/13/2015 06:27:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMService erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 4010.17 MB
Verfügbarer physikalischer RAM: 1797.93 MB
Summe virtueller Speicher: 8018.55 MB
Verfügbarer virtueller Speicher: 5382.98 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:421.81 GB) (Free:297.85 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.87 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A34C3D58)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         
Liebe Grüße, lillisam
__________________

Alt 24.10.2015, 17:34   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hi,

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 24.10.2015, 19:04   #5
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hi,

hier der Report des TDSSKiller Scans

Code:
ATTFilter
20:00:33.0360 0x0d84  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:00:39.0994 0x0d84  ============================================================
20:00:39.0994 0x0d84  Current date / time: 2015/10/24 20:00:39.0994
20:00:39.0994 0x0d84  SystemInfo:
20:00:39.0994 0x0d84  
20:00:39.0995 0x0d84  OS Version: 6.1.7601 ServicePack: 1.0
20:00:39.0995 0x0d84  Product type: Workstation
20:00:39.0995 0x0d84  ComputerName: LISA-PC
20:00:39.0995 0x0d84  UserName: Lisa
20:00:39.0995 0x0d84  Windows directory: C:\windows
20:00:39.0995 0x0d84  System windows directory: C:\windows
20:00:39.0995 0x0d84  Running under WOW64
20:00:39.0995 0x0d84  Processor architecture: Intel x64
20:00:39.0995 0x0d84  Number of processors: 2
20:00:39.0995 0x0d84  Page size: 0x1000
20:00:39.0995 0x0d84  Boot type: Normal boot
20:00:39.0996 0x0d84  ============================================================
20:00:40.0893 0x0d84  KLMD registered as C:\windows\system32\drivers\76758030.sys
20:00:42.0107 0x0d84  System UUID: {058B9083-614F-EDAD-FDDD-208725B0782D}
20:00:43.0595 0x0d84  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:00:43.0604 0x0d84  ============================================================
20:00:43.0604 0x0d84  \Device\Harddisk0\DR0:
20:00:43.0604 0x0d84  MBR partitions:
20:00:43.0604 0x0d84  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:00:43.0604 0x0d84  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
20:00:43.0643 0x0d84  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
20:00:43.0643 0x0d84  ============================================================
20:00:43.0695 0x0d84  C: <-> \Device\Harddisk0\DR0\Partition2
20:00:43.0734 0x0d84  D: <-> \Device\Harddisk0\DR0\Partition3
20:00:43.0734 0x0d84  ============================================================
20:00:43.0735 0x0d84  Initialize success
20:00:43.0735 0x0d84  ============================================================
20:01:48.0305 0x15bc  ============================================================
20:01:48.0305 0x15bc  Scan started
20:01:48.0305 0x15bc  Mode: Manual; SigCheck; TDLFS; 
20:01:48.0305 0x15bc  ============================================================
20:01:48.0305 0x15bc  KSN ping started
20:01:50.0840 0x15bc  KSN ping finished: true
20:01:52.0463 0x15bc  ================ Scan system memory ========================
20:01:52.0463 0x15bc  System memory - ok
20:01:52.0464 0x15bc  ================ Scan services =============================
20:01:52.0651 0x15bc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
20:01:52.0741 0x15bc  1394ohci - ok
20:01:52.0789 0x15bc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
20:01:52.0811 0x15bc  ACPI - ok
20:01:52.0833 0x15bc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
20:01:52.0868 0x15bc  AcpiPmi - ok
20:01:52.0912 0x15bc  [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC         C:\windows\system32\DRIVERS\AcpiVpc.sys
20:01:52.0942 0x15bc  ACPIVPC - ok
20:01:53.0064 0x15bc  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:01:53.0083 0x15bc  AdobeARMservice - ok
20:01:53.0156 0x15bc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
20:01:53.0192 0x15bc  adp94xx - ok
20:01:53.0235 0x15bc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
20:01:53.0256 0x15bc  adpahci - ok
20:01:53.0307 0x15bc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
20:01:53.0326 0x15bc  adpu320 - ok
20:01:53.0356 0x15bc  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
20:01:53.0373 0x15bc  AeLookupSvc - ok
20:01:53.0422 0x15bc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
20:01:53.0456 0x15bc  AFD - ok
20:01:53.0486 0x15bc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
20:01:53.0498 0x15bc  agp440 - ok
20:01:53.0539 0x15bc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
20:01:53.0556 0x15bc  ALG - ok
20:01:53.0612 0x15bc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
20:01:53.0637 0x15bc  aliide - ok
20:01:53.0651 0x15bc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
20:01:53.0664 0x15bc  amdide - ok
20:01:53.0683 0x15bc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
20:01:53.0699 0x15bc  AmdK8 - ok
20:01:53.0718 0x15bc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
20:01:53.0733 0x15bc  AmdPPM - ok
20:01:53.0759 0x15bc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
20:01:53.0774 0x15bc  amdsata - ok
20:01:53.0795 0x15bc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
20:01:53.0812 0x15bc  amdsbs - ok
20:01:53.0824 0x15bc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
20:01:53.0837 0x15bc  amdxata - ok
20:01:53.0969 0x15bc  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:01:54.0008 0x15bc  AntiVirMailService - ok
20:01:54.0085 0x15bc  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:01:54.0110 0x15bc  AntiVirSchedulerService - ok
20:01:54.0157 0x15bc  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:01:54.0185 0x15bc  AntiVirService - ok
20:01:54.0303 0x15bc  [ D84E576299C73B0B1DC477D2B99958C4, D6703C2B63B9FA87C2DA009CC7B6DF76C3603C6A9874B152D685A1B92EE2DF28 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:01:54.0349 0x15bc  AntiVirWebService - ok
20:01:54.0409 0x15bc  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\windows\system32\drivers\appid.sys
20:01:54.0446 0x15bc  AppID - ok
20:01:54.0463 0x15bc  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\windows\System32\appidsvc.dll
20:01:54.0479 0x15bc  AppIDSvc - ok
20:01:54.0515 0x15bc  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\windows\System32\appinfo.dll
20:01:54.0532 0x15bc  Appinfo - ok
20:01:54.0583 0x15bc  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:01:54.0603 0x15bc  Apple Mobile Device - ok
20:01:54.0637 0x15bc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
20:01:54.0656 0x15bc  arc - ok
20:01:54.0662 0x15bc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
20:01:54.0676 0x15bc  arcsas - ok
20:01:54.0805 0x15bc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:01:54.0840 0x15bc  aspnet_state - ok
20:01:54.0876 0x15bc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
20:01:54.0926 0x15bc  AsyncMac - ok
20:01:54.0963 0x15bc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
20:01:55.0042 0x15bc  atapi - ok
20:01:55.0267 0x15bc  [ 782D36BAD8DDBF008D02E055DBE70F82, AFB7A4B52C86A9CA48ED46A2CE5415119F1C75912A0E233EF1CAE120DA534CAE ] athr            C:\windows\system32\DRIVERS\athrx.sys
20:01:55.0360 0x15bc  athr - ok
20:01:55.0452 0x15bc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:01:55.0509 0x15bc  AudioEndpointBuilder - ok
20:01:55.0533 0x15bc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
20:01:55.0567 0x15bc  AudioSrv - ok
20:01:55.0646 0x15bc  [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
20:01:55.0680 0x15bc  avgntflt - ok
20:01:55.0708 0x15bc  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
20:01:55.0726 0x15bc  avipbb - ok
20:01:55.0824 0x15bc  [ 76648BCBEB840B391E85DAD2DC04FFC9, F30FC3CB49DE1B79E8EFA78ED4679E870ADD17B3101219A1EC2D18DDE7712F66 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
20:01:55.0861 0x15bc  Avira.ServiceHost - ok
20:01:55.0908 0x15bc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
20:01:55.0919 0x15bc  avkmgr - ok
20:01:55.0945 0x15bc  [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt        C:\windows\system32\DRIVERS\avnetflt.sys
20:01:55.0960 0x15bc  avnetflt - ok
20:01:55.0992 0x15bc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
20:01:56.0018 0x15bc  AxInstSV - ok
20:01:56.0071 0x15bc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
20:01:56.0110 0x15bc  b06bdrv - ok
20:01:56.0158 0x15bc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
20:01:56.0185 0x15bc  b57nd60a - ok
20:01:56.0215 0x15bc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
20:01:56.0233 0x15bc  BDESVC - ok
20:01:56.0260 0x15bc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
20:01:56.0320 0x15bc  Beep - ok
20:01:56.0387 0x15bc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
20:01:56.0429 0x15bc  BFE - ok
20:01:56.0487 0x15bc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
20:01:56.0589 0x15bc  BITS - ok
20:01:56.0610 0x15bc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
20:01:56.0625 0x15bc  blbdrive - ok
20:01:56.0682 0x15bc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:01:56.0707 0x15bc  Bonjour Service - ok
20:01:56.0730 0x15bc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
20:01:56.0754 0x15bc  bowser - ok
20:01:56.0818 0x15bc  [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv         C:\windows\system32\drivers\BPntDrv.sys
20:01:56.0842 0x15bc  BPntDrv - ok
20:01:56.0871 0x15bc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
20:01:56.0894 0x15bc  BrFiltLo - ok
20:01:56.0903 0x15bc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
20:01:56.0924 0x15bc  BrFiltUp - ok
20:01:56.0989 0x15bc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
20:01:57.0010 0x15bc  Browser - ok
20:01:57.0037 0x15bc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
20:01:57.0060 0x15bc  Brserid - ok
20:01:57.0087 0x15bc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
20:01:57.0107 0x15bc  BrSerWdm - ok
20:01:57.0125 0x15bc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
20:01:57.0143 0x15bc  BrUsbMdm - ok
20:01:57.0168 0x15bc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
20:01:57.0183 0x15bc  BrUsbSer - ok
20:01:57.0243 0x15bc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
20:01:57.0288 0x15bc  BthEnum - ok
20:01:57.0320 0x15bc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
20:01:57.0356 0x15bc  BTHMODEM - ok
20:01:57.0387 0x15bc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
20:01:57.0408 0x15bc  BthPan - ok
20:01:57.0485 0x15bc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
20:01:57.0546 0x15bc  BTHPORT - ok
20:01:57.0579 0x15bc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
20:01:57.0632 0x15bc  bthserv - ok
20:01:57.0654 0x15bc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
20:01:57.0670 0x15bc  BTHUSB - ok
20:01:57.0740 0x15bc  [ A0DFB69ADE3444C78B17636FCF28E898, 21B1E76F056C2AFD5DEAFD620D2F90F4F617F8E76A88CEA2196E69D2CFBEE88B ] BTWAMPFL        C:\windows\system32\DRIVERS\btwampfl.sys
20:01:57.0769 0x15bc  BTWAMPFL - ok
20:01:57.0782 0x15bc  [ 7CF028CE78696882B327FF13D2DFA534, 624C88C3CB511DE5F8279B7E982632F81FDFCAC8F2B038B69FEB686400E0C4F8 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
20:01:57.0795 0x15bc  btwaudio - ok
20:01:57.0823 0x15bc  [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt         C:\windows\system32\drivers\btwavdt.sys
20:01:57.0837 0x15bc  btwavdt - ok
20:01:57.0938 0x15bc  [ 3D5E7FB2CB69A6186C7954C0859173F4, B6697707EAAA99E04DBB8525DBEA227F9B8BC09F8A41EFD053EF749DFB8C71F7 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
20:01:57.0986 0x15bc  btwdins - ok
20:01:58.0015 0x15bc  [ 346B4051B3D7FF70E8F027869B8ECA6E, 7C0485F592368016C6BAB8B1BC24C89454D4B305C3E6DFB8AAF4CDB26062D4EB ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
20:01:58.0026 0x15bc  btwl2cap - ok
20:01:58.0053 0x15bc  [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
20:01:58.0063 0x15bc  btwrchid - ok
20:01:58.0235 0x15bc  [ 68BD23A0AD9E934F037A1D8A1929D1E2, 7104B04435930D085D01779065C8F293A265800D90C9DEFB19C998D9326E44E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:01:58.0297 0x15bc  c2cautoupdatesvc - ok
20:01:58.0426 0x15bc  [ 13297729C696656F990A5DBA53023129, EB2B34B04B79756199DBBBDE99ACBB576D20C7C0AF3E4F3C0CF0040948216AAC ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:01:58.0499 0x15bc  c2cpnrsvc - ok
20:01:58.0550 0x15bc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
20:01:58.0594 0x15bc  cdfs - ok
20:01:58.0618 0x15bc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
20:01:58.0638 0x15bc  cdrom - ok
20:01:58.0684 0x15bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
20:01:58.0753 0x15bc  CertPropSvc - ok
20:01:58.0788 0x15bc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
20:01:58.0808 0x15bc  circlass - ok
20:01:58.0871 0x15bc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
20:01:58.0899 0x15bc  CLFS - ok
20:01:59.0007 0x15bc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:59.0037 0x15bc  clr_optimization_v2.0.50727_32 - ok
20:01:59.0085 0x15bc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:01:59.0104 0x15bc  clr_optimization_v2.0.50727_64 - ok
20:01:59.0207 0x15bc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:01:59.0276 0x15bc  clr_optimization_v4.0.30319_32 - ok
20:01:59.0313 0x15bc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:01:59.0350 0x15bc  clr_optimization_v4.0.30319_64 - ok
20:01:59.0379 0x15bc  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\windows\system32\DRIVERS\clwvd.sys
20:01:59.0392 0x15bc  clwvd - ok
20:01:59.0413 0x15bc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
20:01:59.0428 0x15bc  CmBatt - ok
20:01:59.0441 0x15bc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
20:01:59.0452 0x15bc  cmdide - ok
20:01:59.0507 0x15bc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
20:01:59.0542 0x15bc  CNG - ok
20:01:59.0578 0x15bc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
20:01:59.0590 0x15bc  Compbatt - ok
20:01:59.0628 0x15bc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
20:01:59.0647 0x15bc  CompositeBus - ok
20:01:59.0658 0x15bc  COMSysApp - ok
20:01:59.0661 0x07fc  Object required for P2P: [ 76648BCBEB840B391E85DAD2DC04FFC9 ] Avira.ServiceHost
20:01:59.0784 0x15bc  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
20:01:59.0835 0x15bc  cphs - ok
20:01:59.0869 0x15bc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
20:01:59.0883 0x15bc  crcdisk - ok
20:01:59.0941 0x15bc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:01:59.0978 0x15bc  CryptSvc - ok
20:02:00.0036 0x15bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
20:02:00.0095 0x15bc  DcomLaunch - ok
20:02:00.0136 0x15bc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
20:02:00.0186 0x15bc  defragsvc - ok
20:02:00.0225 0x15bc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
20:02:00.0265 0x15bc  DfsC - ok
20:02:00.0313 0x15bc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:02:00.0344 0x15bc  Dhcp - ok
20:02:00.0467 0x15bc  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\windows\system32\diagtrack.dll
20:02:00.0534 0x15bc  DiagTrack - ok
20:02:00.0555 0x15bc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
20:02:00.0595 0x15bc  discache - ok
20:02:00.0635 0x15bc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
20:02:00.0649 0x15bc  Disk - ok
20:02:00.0684 0x15bc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:02:00.0719 0x15bc  Dnscache - ok
20:02:00.0738 0x15bc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
20:02:00.0788 0x15bc  dot3svc - ok
20:02:00.0815 0x15bc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
20:02:00.0859 0x15bc  DPS - ok
20:02:00.0915 0x15bc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
20:02:00.0945 0x15bc  drmkaud - ok
20:02:01.0018 0x15bc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
20:02:01.0067 0x15bc  DXGKrnl - ok
20:02:01.0121 0x15bc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
20:02:01.0179 0x15bc  EapHost - ok
20:02:01.0345 0x15bc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
20:02:01.0510 0x15bc  ebdrv - ok
20:02:01.0555 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS             C:\windows\System32\lsass.exe
20:02:01.0584 0x15bc  EFS - ok
20:02:01.0683 0x15bc  [ 2C1A297638E4319179A1112D4D6522B8, A5A9A82245D631EE50C9F5BF22C85B18E4BAABAB1C559E1833164578C2EC618F ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
20:02:01.0719 0x15bc  EgisTec Service - ok
20:02:01.0764 0x15bc  [ 0AC3BAA7DF250C76DD9BCFC51565CB5F, 018F0DABF6B948E39423CE899BEFC864240402D5F31B86BEAD655ABEF4AFAFC3 ] EgisTec Service Help C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
20:02:01.0786 0x15bc  EgisTec Service Help - ok
20:02:01.0877 0x15bc  [ 7745AAFFB61438C28C75E18CE98D4E64, 236FFA327A6EC1DB952B23ECAAA4969241F15376D374CDFD39916E1C0882B216 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
20:02:01.0914 0x15bc  EgisTec Ticket Service - ok
20:02:01.0936 0x15bc  [ 33708C6D915F8DE734CF3ABB0731515B, AE4FFC410C0A90C94C196E04DEACD0E707750D14DEC460D6DD79140320FE62B0 ] EgisTecFF       C:\windows\system32\DRIVERS\EgisTecFF.sys
20:02:01.0947 0x15bc  EgisTecFF - ok
20:02:02.0012 0x15bc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
20:02:02.0065 0x15bc  ehRecvr - ok
20:02:02.0095 0x15bc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
20:02:02.0114 0x15bc  ehSched - ok
20:02:02.0165 0x15bc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
20:02:02.0197 0x15bc  elxstor - ok
20:02:02.0217 0x15bc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
20:02:02.0231 0x15bc  ErrDev - ok
20:02:02.0301 0x15bc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
20:02:02.0358 0x15bc  EventSystem - ok
20:02:02.0382 0x15bc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
20:02:02.0428 0x15bc  exfat - ok
20:02:02.0442 0x15bc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
20:02:02.0488 0x15bc  fastfat - ok
20:02:02.0540 0x15bc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
20:02:02.0579 0x15bc  Fax - ok
20:02:02.0618 0x15bc  [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon          C:\windows\system32\drivers\fbfmon.sys
20:02:02.0630 0x15bc  fbfmon - ok
20:02:02.0650 0x15bc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
20:02:02.0665 0x15bc  fdc - ok
20:02:02.0688 0x15bc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
20:02:02.0729 0x15bc  fdPHost - ok
20:02:02.0758 0x15bc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
20:02:02.0800 0x15bc  FDResPub - ok
20:02:02.0811 0x07fc  Object send P2P result: true
20:02:02.0823 0x15bc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:02:02.0840 0x15bc  FileInfo - ok
20:02:02.0865 0x15bc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
20:02:02.0903 0x15bc  Filetrace - ok
20:02:02.0920 0x15bc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
20:02:02.0934 0x15bc  flpydisk - ok
20:02:02.0967 0x15bc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:02:02.0997 0x15bc  FltMgr - ok
20:02:03.0099 0x15bc  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\windows\system32\FntCache.dll
20:02:03.0168 0x15bc  FontCache - ok
20:02:03.0214 0x15bc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:02:03.0238 0x15bc  FontCache3.0.0.0 - ok
20:02:03.0268 0x15bc  [ 1899D0FB4C5AD0D6D0BFA258C54903F7, 017090A7DB940CA65A713415B922F36FA7E10EAD226ECB9350ED1D43FD625E0F ] FPSensor        C:\windows\system32\Drivers\FPSensor.sys
20:02:03.0282 0x15bc  FPSensor - ok
20:02:03.0295 0x15bc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
20:02:03.0308 0x15bc  FsDepends - ok
20:02:03.0333 0x15bc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:02:03.0346 0x15bc  Fs_Rec - ok
20:02:03.0399 0x15bc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:02:03.0423 0x15bc  fvevol - ok
20:02:03.0450 0x15bc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
20:02:03.0465 0x15bc  gagp30kx - ok
20:02:03.0506 0x15bc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:02:03.0529 0x15bc  GEARAspiWDM - ok
20:02:03.0597 0x15bc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
20:02:03.0672 0x15bc  gpsvc - ok
20:02:03.0757 0x15bc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:02:03.0780 0x15bc  gupdate - ok
20:02:03.0806 0x15bc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:02:03.0821 0x15bc  gupdatem - ok
20:02:03.0842 0x15bc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
20:02:03.0870 0x15bc  hcw85cir - ok
20:02:03.0904 0x15bc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:02:03.0933 0x15bc  HdAudAddService - ok
20:02:03.0977 0x15bc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
20:02:03.0999 0x15bc  HDAudBus - ok
20:02:04.0025 0x15bc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
20:02:04.0041 0x15bc  HidBatt - ok
20:02:04.0058 0x15bc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
20:02:04.0079 0x15bc  HidBth - ok
20:02:04.0111 0x15bc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
20:02:04.0132 0x15bc  HidIr - ok
20:02:04.0163 0x15bc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
20:02:04.0232 0x15bc  hidserv - ok
20:02:04.0277 0x15bc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
20:02:04.0305 0x15bc  HidUsb - ok
20:02:04.0343 0x15bc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:02:04.0410 0x15bc  hkmsvc - ok
20:02:04.0427 0x15bc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:02:04.0456 0x15bc  HomeGroupListener - ok
20:02:04.0480 0x15bc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:02:04.0501 0x15bc  HomeGroupProvider - ok
20:02:04.0536 0x15bc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
20:02:04.0550 0x15bc  HpSAMD - ok
20:02:04.0629 0x15bc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:02:04.0685 0x15bc  HTTP - ok
20:02:04.0723 0x15bc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:02:04.0737 0x15bc  hwpolicy - ok
20:02:04.0769 0x15bc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
20:02:04.0787 0x15bc  i8042prt - ok
20:02:04.0828 0x15bc  [ 53CC5BF8B5A219119953C7ABB19A7705, F342A9732978D893729EA2591CB72E5F5BD1B3E6C9E4DBFFE54EC866E534A8C0 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
20:02:04.0851 0x15bc  iaStor - ok
20:02:04.0898 0x15bc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
20:02:04.0924 0x15bc  iaStorV - ok
20:02:05.0053 0x15bc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:02:05.0101 0x15bc  idsvc - ok
20:02:05.0106 0x15bc  IEEtwCollectorService - ok
20:02:05.0354 0x15bc  [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
20:02:05.0706 0x15bc  igfx - ok
20:02:05.0735 0x15bc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
20:02:05.0747 0x15bc  iirsp - ok
20:02:05.0822 0x15bc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
20:02:05.0866 0x15bc  IKEEXT - ok
20:02:06.0016 0x15bc  [ 03076F51AF9F78A272CCCDE03E9340CE, 60B6B236618FD8A0ACCC17EB086F0573A5CC4FFE78CE26702981580D5F68FB0D ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:02:06.0117 0x15bc  IntcAzAudAddService - ok
20:02:06.0172 0x15bc  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
20:02:06.0209 0x15bc  IntcDAud - ok
20:02:06.0247 0x15bc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
20:02:06.0259 0x15bc  intelide - ok
20:02:06.0287 0x15bc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
20:02:06.0305 0x15bc  intelppm - ok
20:02:06.0338 0x15bc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
20:02:06.0382 0x15bc  IPBusEnum - ok
20:02:06.0405 0x15bc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:02:06.0445 0x15bc  IpFilterDriver - ok
20:02:06.0507 0x15bc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:02:06.0542 0x15bc  iphlpsvc - ok
20:02:06.0566 0x15bc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
20:02:06.0583 0x15bc  IPMIDRV - ok
20:02:06.0605 0x15bc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
20:02:06.0649 0x15bc  IPNAT - ok
20:02:06.0781 0x15bc  [ 6E50CFA46527B39015B750AAD161C5CC, 93F99EF7771C56EBE41FBC0C668F686644FBDF94E31456D3F5A9A8AE2F70EAB6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:02:06.0824 0x15bc  iPod Service - ok
20:02:06.0862 0x15bc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:02:06.0902 0x15bc  IRENUM - ok
20:02:06.0934 0x15bc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:02:06.0955 0x15bc  isapnp - ok
20:02:07.0013 0x15bc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
20:02:07.0037 0x15bc  iScsiPrt - ok
20:02:07.0079 0x15bc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
20:02:07.0121 0x15bc  kbdclass - ok
20:02:07.0138 0x15bc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
20:02:07.0156 0x15bc  kbdhid - ok
20:02:07.0167 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso          C:\windows\system32\lsass.exe
20:02:07.0182 0x15bc  KeyIso - ok
20:02:07.0229 0x15bc  [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:02:07.0265 0x15bc  KSecDD - ok
20:02:07.0290 0x15bc  [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
20:02:07.0312 0x15bc  KSecPkg - ok
20:02:07.0343 0x15bc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
20:02:07.0421 0x15bc  ksthunk - ok
20:02:07.0459 0x15bc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
20:02:07.0512 0x15bc  KtmRm - ok
20:02:07.0577 0x15bc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
20:02:07.0643 0x15bc  LanmanServer - ok
20:02:07.0682 0x15bc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:02:07.0726 0x15bc  LanmanWorkstation - ok
20:02:07.0761 0x15bc  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\windows\system32\DRIVERS\LhdX64.sys
20:02:07.0787 0x15bc  LHDmgr - ok
20:02:07.0828 0x15bc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:02:07.0890 0x15bc  lltdio - ok
20:02:07.0926 0x15bc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
20:02:07.0987 0x15bc  lltdsvc - ok
20:02:08.0006 0x15bc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
20:02:08.0046 0x15bc  lmhosts - ok
20:02:08.0115 0x15bc  [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:02:08.0141 0x15bc  LMS - ok
20:02:08.0190 0x15bc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
20:02:08.0221 0x15bc  LSI_FC - ok
20:02:08.0239 0x15bc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
20:02:08.0256 0x15bc  LSI_SAS - ok
20:02:08.0271 0x15bc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:02:08.0284 0x15bc  LSI_SAS2 - ok
20:02:08.0317 0x15bc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
20:02:08.0332 0x15bc  LSI_SCSI - ok
20:02:08.0356 0x15bc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
20:02:08.0400 0x15bc  luafv - ok
20:02:08.0442 0x15bc  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
20:02:08.0452 0x15bc  MBAMProtector - ok
20:02:08.0551 0x15bc  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:02:08.0598 0x15bc  MBAMService - ok
20:02:08.0641 0x15bc  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
20:02:08.0667 0x15bc  MBAMWebAccessControl - ok
20:02:08.0691 0x15bc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
20:02:08.0715 0x15bc  Mcx2Svc - ok
20:02:08.0748 0x15bc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
20:02:08.0761 0x15bc  megasas - ok
20:02:08.0812 0x15bc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
20:02:08.0838 0x15bc  MegaSR - ok
20:02:08.0857 0x15bc  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
20:02:08.0867 0x15bc  MEIx64 - ok
20:02:08.0889 0x15bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
20:02:08.0931 0x15bc  MMCSS - ok
20:02:08.0952 0x15bc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
20:02:08.0992 0x15bc  Modem - ok
20:02:09.0041 0x15bc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
20:02:09.0078 0x15bc  monitor - ok
20:02:09.0113 0x15bc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
20:02:09.0131 0x15bc  mouclass - ok
20:02:09.0153 0x15bc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
20:02:09.0169 0x15bc  mouhid - ok
20:02:09.0215 0x15bc  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:02:09.0242 0x15bc  mountmgr - ok
20:02:09.0324 0x15bc  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:02:09.0360 0x15bc  MozillaMaintenance - ok
20:02:09.0395 0x15bc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
20:02:09.0418 0x15bc  mpio - ok
20:02:09.0444 0x15bc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:02:09.0487 0x15bc  mpsdrv - ok
20:02:09.0543 0x15bc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:02:09.0611 0x15bc  MpsSvc - ok
20:02:09.0649 0x15bc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:02:09.0683 0x15bc  MRxDAV - ok
20:02:09.0717 0x15bc  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:02:09.0749 0x15bc  mrxsmb - ok
20:02:09.0772 0x15bc  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:02:09.0798 0x15bc  mrxsmb10 - ok
20:02:09.0844 0x15bc  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:02:09.0888 0x15bc  mrxsmb20 - ok
20:02:09.0921 0x15bc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
20:02:09.0938 0x15bc  msahci - ok
20:02:09.0974 0x15bc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
20:02:09.0996 0x15bc  msdsm - ok
20:02:10.0014 0x15bc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
20:02:10.0041 0x15bc  MSDTC - ok
20:02:10.0065 0x15bc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:02:10.0123 0x15bc  Msfs - ok
20:02:10.0170 0x15bc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
20:02:10.0232 0x15bc  mshidkmdf - ok
20:02:10.0239 0x15bc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:02:10.0251 0x15bc  msisadrv - ok
20:02:10.0284 0x15bc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
20:02:10.0331 0x15bc  MSiSCSI - ok
20:02:10.0335 0x15bc  msiserver - ok
20:02:10.0370 0x15bc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
20:02:10.0410 0x15bc  MSKSSRV - ok
20:02:10.0425 0x15bc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:02:10.0463 0x15bc  MSPCLOCK - ok
20:02:10.0473 0x15bc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
20:02:10.0513 0x15bc  MSPQM - ok
20:02:10.0546 0x15bc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
20:02:10.0570 0x15bc  MsRPC - ok
20:02:10.0593 0x15bc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
20:02:10.0605 0x15bc  mssmbios - ok
20:02:10.0618 0x15bc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
20:02:10.0656 0x15bc  MSTEE - ok
20:02:10.0663 0x15bc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
20:02:10.0677 0x15bc  MTConfig - ok
20:02:10.0698 0x15bc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
20:02:10.0711 0x15bc  Mup - ok
20:02:10.0735 0x15bc  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\windows\system32\DRIVERS\mwlPSDFilter.sys
20:02:10.0746 0x15bc  mwlPSDFilter - ok
20:02:10.0757 0x15bc  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\windows\system32\DRIVERS\mwlPSDNServ.sys
20:02:10.0767 0x15bc  mwlPSDNServ - ok
20:02:10.0776 0x15bc  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\windows\system32\DRIVERS\mwlPSDVDisk.sys
20:02:10.0787 0x15bc  mwlPSDVDisk - ok
20:02:10.0830 0x15bc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
20:02:10.0886 0x15bc  napagent - ok
20:02:10.0930 0x15bc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
20:02:10.0963 0x15bc  NativeWifiP - ok
20:02:11.0082 0x15bc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
20:02:11.0129 0x15bc  NDIS - ok
20:02:11.0168 0x15bc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
20:02:11.0209 0x15bc  NdisCap - ok
20:02:11.0234 0x15bc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:02:11.0275 0x15bc  NdisTapi - ok
20:02:11.0306 0x15bc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
20:02:11.0346 0x15bc  Ndisuio - ok
20:02:11.0370 0x15bc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
20:02:11.0413 0x15bc  NdisWan - ok
20:02:11.0431 0x15bc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
20:02:11.0490 0x15bc  NDProxy - ok
20:02:11.0533 0x15bc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
20:02:11.0575 0x15bc  NetBIOS - ok
20:02:11.0596 0x15bc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
20:02:11.0648 0x15bc  NetBT - ok
20:02:11.0655 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\windows\system32\lsass.exe
20:02:11.0674 0x15bc  Netlogon - ok
20:02:11.0704 0x15bc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
20:02:11.0754 0x15bc  Netman - ok
20:02:11.0848 0x15bc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:11.0885 0x15bc  NetMsmqActivator - ok
20:02:11.0918 0x15bc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:11.0936 0x15bc  NetPipeActivator - ok
20:02:11.0974 0x15bc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
20:02:12.0029 0x15bc  netprofm - ok
20:02:12.0078 0x15bc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:12.0096 0x15bc  NetTcpActivator - ok
20:02:12.0103 0x15bc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:02:12.0121 0x15bc  NetTcpPortSharing - ok
20:02:12.0158 0x15bc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
20:02:12.0172 0x15bc  nfrd960 - ok
20:02:12.0205 0x15bc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
20:02:12.0234 0x15bc  NlaSvc - ok
20:02:12.0255 0x15bc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:02:12.0315 0x15bc  Npfs - ok
20:02:12.0345 0x15bc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
20:02:12.0386 0x15bc  nsi - ok
20:02:12.0397 0x15bc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:02:12.0438 0x15bc  nsiproxy - ok
20:02:12.0546 0x15bc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:02:12.0617 0x15bc  Ntfs - ok
20:02:12.0647 0x15bc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
20:02:12.0686 0x15bc  Null - ok
20:02:12.0714 0x15bc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:02:12.0731 0x15bc  nvraid - ok
20:02:12.0739 0x15bc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:02:12.0756 0x15bc  nvstor - ok
20:02:12.0810 0x15bc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:02:12.0827 0x15bc  nv_agp - ok
20:02:12.0872 0x15bc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
20:02:12.0889 0x15bc  ohci1394 - ok
20:02:12.0983 0x15bc  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:02:13.0007 0x15bc  ose64 - ok
20:02:13.0271 0x15bc  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:02:13.0524 0x15bc  osppsvc - ok
20:02:13.0565 0x15bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:02:13.0602 0x15bc  p2pimsvc - ok
20:02:13.0641 0x15bc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
20:02:13.0670 0x15bc  p2psvc - ok
20:02:13.0698 0x15bc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
20:02:13.0715 0x15bc  Parport - ok
20:02:13.0753 0x15bc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
20:02:13.0767 0x15bc  partmgr - ok
20:02:13.0803 0x15bc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:02:13.0830 0x15bc  PcaSvc - ok
20:02:13.0872 0x15bc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
20:02:13.0891 0x15bc  pci - ok
20:02:13.0915 0x15bc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
20:02:13.0927 0x15bc  pciide - ok
20:02:13.0960 0x15bc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:02:13.0987 0x15bc  pcmcia - ok
20:02:14.0027 0x15bc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
20:02:14.0040 0x15bc  pcw - ok
20:02:14.0101 0x15bc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:02:14.0140 0x15bc  PEAUTH - ok
20:02:14.0233 0x15bc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:02:14.0261 0x15bc  PerfHost - ok
20:02:14.0400 0x15bc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
20:02:14.0504 0x15bc  pla - ok
20:02:14.0570 0x15bc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:02:14.0601 0x15bc  PlugPlay - ok
20:02:14.0626 0x15bc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
20:02:14.0646 0x15bc  PNRPAutoReg - ok
20:02:14.0666 0x15bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
20:02:14.0690 0x15bc  PNRPsvc - ok
20:02:14.0734 0x15bc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
20:02:14.0790 0x15bc  PolicyAgent - ok
20:02:14.0819 0x15bc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
20:02:14.0864 0x15bc  Power - ok
20:02:14.0910 0x15bc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:02:14.0976 0x15bc  PptpMiniport - ok
20:02:14.0994 0x15bc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
20:02:15.0011 0x15bc  Processor - ok
20:02:15.0046 0x15bc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
20:02:15.0088 0x15bc  ProfSvc - ok
20:02:15.0100 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\windows\system32\lsass.exe
20:02:15.0117 0x15bc  ProtectedStorage - ok
20:02:15.0150 0x15bc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:02:15.0194 0x15bc  Psched - ok
20:02:15.0282 0x15bc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
20:02:15.0354 0x15bc  ql2300 - ok
20:02:15.0401 0x15bc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
20:02:15.0417 0x15bc  ql40xx - ok
20:02:15.0454 0x15bc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
20:02:15.0499 0x15bc  QWAVE - ok
20:02:15.0514 0x15bc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:02:15.0535 0x15bc  QWAVEdrv - ok
20:02:15.0552 0x15bc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:02:15.0599 0x15bc  RasAcd - ok
20:02:15.0626 0x15bc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
20:02:15.0669 0x15bc  RasAgileVpn - ok
20:02:15.0707 0x15bc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
20:02:15.0765 0x15bc  RasAuto - ok
20:02:15.0790 0x15bc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
20:02:15.0834 0x15bc  Rasl2tp - ok
20:02:15.0869 0x15bc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
20:02:15.0932 0x15bc  RasMan - ok
20:02:15.0958 0x15bc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:02:16.0001 0x15bc  RasPppoe - ok
20:02:16.0022 0x15bc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
20:02:16.0065 0x15bc  RasSstp - ok
20:02:16.0096 0x15bc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
20:02:16.0144 0x15bc  rdbss - ok
20:02:16.0164 0x15bc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
20:02:16.0182 0x15bc  rdpbus - ok
20:02:16.0210 0x15bc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
20:02:16.0250 0x15bc  RDPCDD - ok
20:02:16.0272 0x15bc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
20:02:16.0312 0x15bc  RDPENCDD - ok
20:02:16.0322 0x15bc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
20:02:16.0361 0x15bc  RDPREFMP - ok
20:02:16.0439 0x15bc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:02:16.0484 0x15bc  RdpVideoMiniport - ok
20:02:16.0519 0x15bc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
20:02:16.0550 0x15bc  RDPWD - ok
20:02:16.0585 0x15bc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:02:16.0607 0x15bc  rdyboost - ok
20:02:16.0645 0x15bc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:02:16.0688 0x15bc  RemoteAccess - ok
20:02:16.0727 0x15bc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:02:16.0774 0x15bc  RemoteRegistry - ok
20:02:16.0805 0x15bc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
20:02:16.0827 0x15bc  RFCOMM - ok
20:02:16.0854 0x15bc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:02:16.0896 0x15bc  RpcEptMapper - ok
20:02:16.0928 0x15bc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
20:02:16.0945 0x15bc  RpcLocator - ok
20:02:17.0011 0x15bc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
20:02:17.0069 0x15bc  RpcSs - ok
20:02:17.0141 0x15bc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:02:17.0199 0x15bc  rspndr - ok
20:02:17.0233 0x15bc  [ E54A5586A28D0630A79A68BBAB84BFCF, F6FBF1E4C64351CEB205DDCD17C35EA26439E98F3528F96AE326959A7C26B488 ] RSUSBVSTOR      C:\windows\system32\Drivers\RtsUVStor.sys
20:02:17.0253 0x15bc  RSUSBVSTOR - ok
20:02:17.0321 0x15bc  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
20:02:17.0350 0x15bc  RTL8167 - ok
20:02:17.0378 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\windows\system32\lsass.exe
20:02:17.0407 0x15bc  SamSs - ok
20:02:17.0431 0x15bc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:02:17.0447 0x15bc  sbp2port - ok
20:02:17.0495 0x15bc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:02:17.0544 0x15bc  SCardSvr - ok
20:02:17.0556 0x15bc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:02:17.0595 0x15bc  scfilter - ok
20:02:17.0689 0x15bc  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\windows\system32\schedsvc.dll
20:02:17.0763 0x15bc  Schedule - ok
20:02:17.0793 0x15bc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
20:02:17.0834 0x15bc  SCPolicySvc - ok
20:02:17.0864 0x15bc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
20:02:17.0885 0x15bc  SDRSVC - ok
20:02:17.0919 0x15bc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:02:17.0975 0x15bc  secdrv - ok
20:02:18.0008 0x15bc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
20:02:18.0055 0x15bc  seclogon - ok
20:02:18.0066 0x15bc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
20:02:18.0109 0x15bc  SENS - ok
20:02:18.0153 0x15bc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:02:18.0181 0x15bc  SensrSvc - ok
20:02:18.0198 0x15bc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
20:02:18.0214 0x15bc  Serenum - ok
20:02:18.0256 0x15bc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
20:02:18.0274 0x15bc  Serial - ok
20:02:18.0300 0x15bc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
20:02:18.0315 0x15bc  sermouse - ok
20:02:18.0351 0x15bc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
20:02:18.0394 0x15bc  SessionEnv - ok
20:02:18.0408 0x15bc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
20:02:18.0425 0x15bc  sffdisk - ok
20:02:18.0441 0x15bc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
20:02:18.0459 0x15bc  sffp_mmc - ok
20:02:18.0470 0x15bc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
20:02:18.0488 0x15bc  sffp_sd - ok
20:02:18.0501 0x15bc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
20:02:18.0515 0x15bc  sfloppy - ok
20:02:18.0557 0x15bc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:02:18.0610 0x15bc  SharedAccess - ok
20:02:18.0651 0x15bc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:02:18.0704 0x15bc  ShellHWDetection - ok
20:02:18.0729 0x15bc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:02:18.0742 0x15bc  SiSRaid2 - ok
20:02:18.0772 0x15bc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:02:18.0787 0x15bc  SiSRaid4 - ok
20:02:18.0886 0x15bc  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:02:18.0930 0x15bc  SkypeUpdate - ok
20:02:18.0951 0x15bc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
20:02:18.0998 0x15bc  Smb - ok
20:02:19.0034 0x15bc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:02:19.0050 0x15bc  SNMPTRAP - ok
20:02:19.0076 0x15bc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
20:02:19.0089 0x15bc  spldr - ok
20:02:19.0165 0x15bc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
20:02:19.0219 0x15bc  Spooler - ok
20:02:19.0403 0x15bc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
20:02:19.0612 0x15bc  sppsvc - ok
20:02:19.0628 0x15bc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
20:02:19.0671 0x15bc  sppuinotify - ok
20:02:19.0712 0x15bc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
20:02:19.0745 0x15bc  srv - ok
20:02:19.0768 0x15bc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:02:19.0796 0x15bc  srv2 - ok
20:02:19.0817 0x15bc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:02:19.0836 0x15bc  srvnet - ok
20:02:19.0868 0x15bc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
20:02:19.0914 0x15bc  SSDPSRV - ok
20:02:19.0927 0x15bc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
20:02:19.0970 0x15bc  SstpSvc - ok
20:02:19.0996 0x15bc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:02:20.0009 0x15bc  stexstor - ok
20:02:20.0046 0x15bc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
20:02:20.0086 0x15bc  stisvc - ok
20:02:20.0112 0x15bc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
20:02:20.0126 0x15bc  swenum - ok
20:02:20.0170 0x15bc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
20:02:20.0228 0x15bc  swprv - ok
20:02:20.0308 0x15bc  [ 08425CD92972C6430F350A9697F4A553, F6DAA0EB637232BEA34B73AB1E59F55A6602F209A10529D486B8134AA002762D ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
20:02:20.0370 0x15bc  SynTP - ok
20:02:20.0464 0x15bc  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\windows\system32\sysmain.dll
20:02:20.0544 0x15bc  SysMain - ok
20:02:20.0658 0x15bc  [ 196E20CE11EDB0EA3EDA491FCD3C943B, DDE0CA36C1E2C15621CAB6CCD84EB3F415F800B62629C213016B0C2FB04E7035 ] SystemExplorerHelpService C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
20:02:20.0698 0x15bc  SystemExplorerHelpService - ok
20:02:20.0725 0x15bc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
20:02:20.0748 0x15bc  TabletInputService - ok
20:02:20.0782 0x15bc  [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss          C:\windows\system32\DRIVERS\taphss.sys
20:02:20.0792 0x15bc  taphss - ok
20:02:20.0830 0x15bc  [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6         C:\windows\system32\DRIVERS\taphss6.sys
20:02:20.0841 0x15bc  taphss6 - ok
20:02:20.0867 0x15bc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
20:02:20.0917 0x15bc  TapiSrv - ok
20:02:20.0937 0x15bc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
20:02:20.0980 0x15bc  TBS - ok
20:02:21.0123 0x15bc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
20:02:21.0199 0x15bc  Tcpip - ok
20:02:21.0287 0x15bc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:02:21.0360 0x15bc  TCPIP6 - ok
20:02:21.0401 0x15bc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:02:21.0415 0x15bc  tcpipreg - ok
20:02:21.0441 0x15bc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
20:02:21.0462 0x15bc  TDPIPE - ok
20:02:21.0495 0x15bc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
20:02:21.0510 0x15bc  TDTCP - ok
20:02:21.0545 0x15bc  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
20:02:21.0567 0x15bc  tdx - ok
20:02:21.0603 0x15bc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
20:02:21.0618 0x15bc  TermDD - ok
20:02:21.0713 0x15bc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
20:02:21.0756 0x15bc  TermService - ok
20:02:21.0779 0x15bc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
20:02:21.0801 0x15bc  Themes - ok
20:02:21.0823 0x15bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
20:02:21.0864 0x15bc  THREADORDER - ok
20:02:21.0892 0x15bc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
20:02:21.0935 0x15bc  TrkWks - ok
20:02:22.0012 0x15bc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:02:22.0110 0x15bc  TrustedInstaller - ok
20:02:22.0153 0x15bc  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
20:02:22.0184 0x15bc  tssecsrv - ok
20:02:22.0224 0x15bc  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:02:22.0240 0x15bc  TsUsbFlt - ok
20:02:22.0275 0x15bc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
20:02:22.0295 0x15bc  TsUsbGD - ok
20:02:22.0326 0x15bc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:02:22.0369 0x15bc  tunnel - ok
20:02:22.0390 0x15bc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:02:22.0403 0x15bc  uagp35 - ok
20:02:22.0424 0x15bc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:02:22.0474 0x15bc  udfs - ok
20:02:22.0493 0x15bc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
20:02:22.0510 0x15bc  UI0Detect - ok
20:02:22.0544 0x15bc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:02:22.0569 0x15bc  uliagpkx - ok
20:02:22.0591 0x15bc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
20:02:22.0607 0x15bc  umbus - ok
20:02:22.0635 0x15bc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
20:02:22.0650 0x15bc  UmPass - ok
20:02:22.0830 0x15bc  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:02:22.0929 0x15bc  UNS - ok
20:02:22.0966 0x15bc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
20:02:23.0033 0x15bc  upnphost - ok
20:02:23.0065 0x15bc  [ AF1B9474D67897D0C2CFF58E0ACEACCC, 5ED9836EC7BEEB6706C327EF199E9B674863ED8C83890DDE5E5A6554C2DA5288 ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
20:02:23.0100 0x15bc  USBAAPL64 - ok
20:02:23.0134 0x15bc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
20:02:23.0166 0x15bc  usbccgp - ok
20:02:23.0200 0x15bc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
20:02:23.0233 0x15bc  usbcir - ok
20:02:23.0271 0x15bc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
20:02:23.0287 0x15bc  usbehci - ok
20:02:23.0321 0x15bc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
20:02:23.0348 0x15bc  usbhub - ok
20:02:23.0387 0x15bc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
20:02:23.0411 0x15bc  usbohci - ok
20:02:23.0437 0x15bc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
20:02:23.0456 0x15bc  usbprint - ok
20:02:23.0512 0x15bc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
20:02:23.0567 0x15bc  usbscan - ok
20:02:23.0580 0x15bc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
20:02:23.0600 0x15bc  USBSTOR - ok
20:02:23.0632 0x15bc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
20:02:23.0655 0x15bc  usbuhci - ok
20:02:23.0701 0x15bc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
20:02:23.0744 0x15bc  usbvideo - ok
20:02:23.0779 0x15bc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
20:02:23.0829 0x15bc  UxSms - ok
20:02:23.0845 0x15bc  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\windows\system32\lsass.exe
20:02:23.0878 0x15bc  VaultSvc - ok
20:02:23.0911 0x15bc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:02:23.0924 0x15bc  vdrvroot - ok
20:02:23.0977 0x15bc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
20:02:24.0044 0x15bc  vds - ok
20:02:24.0079 0x15bc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
20:02:24.0097 0x15bc  vga - ok
20:02:24.0116 0x15bc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
20:02:24.0157 0x15bc  VgaSave - ok
20:02:24.0178 0x15bc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
20:02:24.0197 0x15bc  vhdmp - ok
20:02:24.0237 0x15bc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
20:02:24.0265 0x15bc  viaide - ok
20:02:24.0301 0x15bc  [ 5CB80AFA98111FC6ED6E8702A0D7AC5B, ECA8B155EA48A509B443A2189AE1A98A5E2E49BA98601A55A089207C4555C4F5 ] vm2uvcflt       C:\windows\system32\Drivers\vm2uvcflt.sys
20:02:24.0313 0x15bc  vm2uvcflt - ok
20:02:24.0339 0x15bc  [ D8BD0784AADCE2AAEE8F8E2C57A0BC7C, 5206426C2EAAEBFF529DEBD2BCB765D4FA17B113BB8F548B1CF422E638C2EA78 ] vm332avs        C:\windows\system32\Drivers\vm332avs.sys
20:02:24.0361 0x15bc  vm332avs - ok
20:02:24.0390 0x15bc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:02:24.0404 0x15bc  volmgr - ok
20:02:24.0424 0x15bc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
20:02:24.0450 0x15bc  volmgrx - ok
20:02:24.0475 0x15bc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
20:02:24.0496 0x15bc  volsnap - ok
20:02:24.0540 0x15bc  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\windows\system32\DRIVERS\vpnva64-6.sys
20:02:24.0552 0x15bc  vpnva - ok
20:02:24.0576 0x15bc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
20:02:24.0594 0x15bc  vsmraid - ok
20:02:24.0673 0x15bc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
20:02:24.0767 0x15bc  VSS - ok
20:02:24.0795 0x15bc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
20:02:24.0813 0x15bc  vwifibus - ok
20:02:24.0824 0x15bc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:02:24.0846 0x15bc  vwififlt - ok
20:02:24.0867 0x15bc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
20:02:24.0949 0x15bc  W32Time - ok
20:02:24.0976 0x15bc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
20:02:24.0990 0x15bc  WacomPen - ok
20:02:25.0018 0x15bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
20:02:25.0060 0x15bc  WANARP - ok
20:02:25.0065 0x15bc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
20:02:25.0104 0x15bc  Wanarpv6 - ok
20:02:25.0214 0x15bc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
20:02:25.0269 0x15bc  WatAdminSvc - ok
20:02:25.0376 0x15bc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
20:02:25.0441 0x15bc  wbengine - ok
20:02:25.0484 0x15bc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:02:25.0511 0x15bc  WbioSrvc - ok
20:02:25.0541 0x15bc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
20:02:25.0573 0x15bc  wcncsvc - ok
20:02:25.0602 0x15bc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:02:25.0630 0x15bc  WcsPlugInService - ok
20:02:25.0660 0x15bc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
20:02:25.0672 0x15bc  Wd - ok
20:02:25.0734 0x15bc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:02:25.0774 0x15bc  Wdf01000 - ok
20:02:25.0823 0x15bc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:02:25.0849 0x15bc  WdiServiceHost - ok
20:02:25.0855 0x15bc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
20:02:25.0874 0x15bc  WdiSystemHost - ok
20:02:25.0929 0x15bc  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\windows\System32\webclnt.dll
20:02:25.0977 0x15bc  WebClient - ok
20:02:26.0006 0x15bc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
20:02:26.0058 0x15bc  Wecsvc - ok
20:02:26.0068 0x15bc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
20:02:26.0111 0x15bc  wercplsupport - ok
20:02:26.0148 0x15bc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
20:02:26.0192 0x15bc  WerSvc - ok
20:02:26.0224 0x15bc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
20:02:26.0268 0x15bc  WfpLwf - ok
20:02:26.0297 0x15bc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:02:26.0309 0x15bc  WIMMount - ok
20:02:26.0334 0x15bc  WinDefend - ok
20:02:26.0350 0x15bc  WinHttpAutoProxySvc - ok
20:02:26.0412 0x15bc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
20:02:26.0472 0x15bc  Winmgmt - ok
20:02:26.0597 0x15bc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
20:02:26.0687 0x15bc  WinRM - ok
20:02:26.0765 0x15bc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\drivers\WinUsb.sys
20:02:26.0799 0x15bc  WinUsb - ok
20:02:26.0864 0x15bc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
20:02:26.0919 0x15bc  Wlansvc - ok
20:02:27.0020 0x15bc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:02:27.0043 0x15bc  wlcrasvc - ok
20:02:27.0214 0x15bc  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:02:27.0300 0x15bc  wlidsvc - ok
20:02:27.0409 0x15bc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\DRIVERS\wmiacpi.sys
20:02:27.0445 0x15bc  WmiAcpi - ok
20:02:27.0513 0x15bc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:02:27.0548 0x15bc  wmiApSrv - ok
20:02:27.0571 0x15bc  WMPNetworkSvc - ok
20:02:27.0602 0x15bc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:02:27.0645 0x15bc  WPCSvc - ok
20:02:27.0659 0x15bc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:02:27.0691 0x15bc  WPDBusEnum - ok
20:02:27.0719 0x15bc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
20:02:27.0759 0x15bc  ws2ifsl - ok
20:02:27.0789 0x15bc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
20:02:27.0818 0x15bc  wscsvc - ok
20:02:27.0822 0x15bc  WSearch - ok
20:02:27.0859 0x15bc  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
20:02:27.0872 0x15bc  wsvd - ok
20:02:28.0052 0x15bc  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\windows\system32\wuaueng.dll
20:02:28.0162 0x15bc  wuauserv - ok
20:02:28.0205 0x15bc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:02:28.0232 0x15bc  WudfPf - ok
20:02:28.0270 0x15bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\drivers\WUDFRd.sys
20:02:28.0290 0x15bc  WUDFRd - ok
20:02:28.0320 0x15bc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
20:02:28.0338 0x15bc  wudfsvc - ok
20:02:28.0372 0x15bc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
20:02:28.0409 0x15bc  WwanSvc - ok
20:02:28.0431 0x15bc  ================ Scan global ===============================
20:02:28.0457 0x15bc  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
20:02:28.0520 0x15bc  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\windows\system32\winsrv.dll
20:02:28.0539 0x15bc  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\windows\system32\winsrv.dll
20:02:28.0574 0x15bc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
20:02:28.0633 0x15bc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
20:02:28.0653 0x15bc  [ Global ] - ok
20:02:28.0653 0x15bc  ================ Scan MBR ==================================
20:02:28.0669 0x15bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:02:29.0113 0x15bc  \Device\Harddisk0\DR0 - ok
20:02:29.0114 0x15bc  ================ Scan VBR ==================================
20:02:29.0123 0x15bc  [ 50499EEACCFFC1AA07E515AA6CE41C7C ] \Device\Harddisk0\DR0\Partition1
20:02:29.0127 0x15bc  \Device\Harddisk0\DR0\Partition1 - ok
20:02:29.0143 0x15bc  [ 6EC04B1A87A01C726C136F56E0577186 ] \Device\Harddisk0\DR0\Partition2
20:02:29.0147 0x15bc  \Device\Harddisk0\DR0\Partition2 - ok
20:02:29.0180 0x15bc  [ C2B7EB22544FC677064B1C99B16ECA72 ] \Device\Harddisk0\DR0\Partition3
20:02:29.0183 0x15bc  \Device\Harddisk0\DR0\Partition3 - ok
20:02:29.0184 0x15bc  ================ Scan generic autorun ======================
20:02:29.0687 0x15bc  [ 02D4B89754302FC728FF8549ED259B84, 8F7E12C788D229790696DBE01B77FEE4AEF436B220CB5355DE296BFAC33E5BD6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:02:30.0171 0x15bc  RtHDVCpl - ok
20:02:30.0183 0x15bc  SynTPEnh - ok
20:02:30.0630 0x15bc  [ 39F53D30AAF0427A02D6F1223C18DC5B, 0916F1A2F53BD2D65538A3E215A80BA7EA87D52D8B9C1885E0FB2D365A68BEDB ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
20:02:30.0966 0x15bc  Energy Management - ok
20:02:31.0268 0x15bc  [ F43AB67D41349AD8BB1FE045C5C49832, E79C50F6EA022AA41A502D780CB72232AC094FD008C31EDC51A1F58EF00B1F08 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
20:02:31.0458 0x15bc  EnergyUtility - ok
20:02:31.0496 0x15bc  [ 03998CA1B0F0B50A5062A38D35CFDB4D, 359907A8B7EC0C693FA95F296DF7BB70451EBA865C0CF5BB9C55720FEFB5936E ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
20:02:31.0522 0x15bc  Lenovo EE Boot Optimizer - detected UnsignedFile.Multi.Generic ( 1 )
20:02:34.0043 0x15bc  Detect skipped due to KSN trusted
20:02:34.0043 0x15bc  Lenovo EE Boot Optimizer - ok
20:02:34.0124 0x15bc  [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\windows\system32\igfxtray.exe
20:02:34.0157 0x15bc  IgfxTray - ok
20:02:34.0182 0x15bc  [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\windows\system32\hkcmd.exe
20:02:34.0208 0x15bc  HotKeysCmds - ok
20:02:34.0277 0x15bc  [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\windows\system32\igfxpers.exe
20:02:34.0317 0x15bc  Persistence - ok
20:02:34.0360 0x15bc  [ B7A36B59F77C1A088FE3A19BFADCB9F0, 88C33C26391F6D0773BB2AB8ACA3A10B781453954AF1E4F665898CA75F49CAE4 ] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
20:02:34.0421 0x15bc  332BigDog - ok
20:02:34.0494 0x15bc  [ 0453907E40313F95371CF0CA603E5EE3, 7E62A05070BCF45391AA3C2A06F4197795BB95ABA3737CDC2E979A993C47F2F7 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
20:02:34.0522 0x15bc  EgisTecPMMUpdate - ok
20:02:34.0541 0x15bc  [ 12F639E4677756AF38F1B036D6CD78E5, 0E0430DA3A42A35254E92BC419EA8A93D69F3DFC58A0723BAC58A7C90CE9610E ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
20:02:34.0555 0x15bc  EgisUpdate - ok
20:02:34.0723 0x15bc  [ 6582AFC30FD66BB2351A1130534A7974, 2D7EDF0C630AECB6E810B9C3F3016EA0AA2E766CD2D4F42619E99313671A2FE8 ] C:\Program Files (x86)\System Explorer\SystemExplorer.exe
20:02:34.0818 0x15bc  SystemExplorerAutoStart - ok
20:02:34.0921 0x15bc  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:02:34.0956 0x15bc  avgnt - ok
20:02:35.0078 0x15bc  [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:02:35.0112 0x15bc  SunJavaUpdateSched - ok
20:02:35.0165 0x15bc  [ D52A9F078EA114D3465FC1CD9E900DF1, 841F6055435278A93230C3F5E33E6C530D6FDF5A331EC31E992A35DD084A7C64 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
20:02:35.0194 0x15bc  Avira SystrayStartTrigger - ok
20:02:35.0271 0x15bc  [ 0B0E1595C3546F94013015ECADD79210, 2BBBA4CBFDDDC994F0AAFEC3B835EFB7FCA4677590D58FBA7609EC79F66ABE5C ] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
20:02:35.0295 0x15bc  VitaKeyTSR - ok
20:02:35.0371 0x15bc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:02:35.0522 0x15bc  Sidebar - ok
20:02:35.0554 0x15bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:02:35.0596 0x15bc  mctadmin - ok
20:02:35.0649 0x15bc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:02:35.0698 0x15bc  Sidebar - ok
20:02:35.0717 0x15bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:02:35.0739 0x15bc  mctadmin - ok
20:02:35.0839 0x15bc  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
20:02:35.0914 0x15bc  Sidebar - ok
20:02:36.0267 0x15bc  [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
20:02:36.0667 0x15bc  CCleaner Monitoring - ok
20:02:36.0677 0x15bc  Waiting for KSN requests completion. In queue: 97
20:02:37.0677 0x15bc  Waiting for KSN requests completion. In queue: 97
20:02:38.0677 0x15bc  Waiting for KSN requests completion. In queue: 97
20:02:39.0713 0x15bc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x40000 ( disabled : updated )
20:02:39.0718 0x15bc  Win FW state via NFP2: enabled ( trusted )
20:02:45.0234 0x15bc  ============================================================
20:02:45.0234 0x15bc  Scan finished
20:02:45.0234 0x15bc  ============================================================
20:02:45.0255 0x152c  Detected object count: 0
20:02:45.0255 0x152c  Actual detected object count: 0
         
Liebe Grüße, lillisam


Alt 24.10.2015, 19:08   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



OK,

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2
Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

__________________
--> Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn

Alt 24.10.2015, 21:44   #7
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Da bin ich wieder

Der Scan hat leider etwas gedauert. Hier das logfile

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1c93076c10922f40b6d1e1a609cf0c53
# end=init
# utc_time=2015-10-24 06:13:58
# local_time=2015-10-24 08:13:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26399
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1c93076c10922f40b6d1e1a609cf0c53
# end=updated
# utc_time=2015-10-24 06:20:28
# local_time=2015-10-24 08:20:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1c93076c10922f40b6d1e1a609cf0c53
# engine=26399
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-24 08:36:39
# local_time=2015-10-24 10:36:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3061319 197348849 0 0
# scanned=203486
# found=8
# cleaned=0
# scan_time=8170
sh=DA4B31E04C87C85EAB4DF653675AADF4EF0BDAEE ft=1 fh=c71c0011ca3d8895 vn="Variante von Win32/AdWare.PricePeep.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PricePeep\pricepeep.dll.vir"
sh=6A30B483987A046EF6023FB227F7E00F892E7D69 ft=1 fh=4b5f36b1efa3715b vn="Variante von Win32/Adware.PricePeep.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PricePeep\unutil.exe.vir"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\OpenCandy\42C014ABC8EA4597824AF03A124B16BA\DeltaTB.exe.vir"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\OpenCandy\5B602A85BE3244B593302BD580542210\DeltaTB.exe.vir"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lisa\AppData\Roaming\OpenCandy\D06FD832C1184040911985391B952C33\DeltaTB.exe.vir"
sh=1234511A27F5BFFB499DF38E92C217CC7F5BDE16 ft=1 fh=0e2ee79a7e1207f4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lisa\Downloads\Minetest - CHIP-Installer.exe"
         
TFC lief auch schon durch, kein Neustart.

Liebe Grüße, lillisam

Alt 24.10.2015, 22:26   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Wie verhält sich der PC denn jetzt?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 24.10.2015, 22:47   #9
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Vom ersten Empfinden her würde ich sagen definitiv besser. CPU bleibt niedrig und auch der Lüfter scheint sich gefangen zu haben

Der Schlag den Raab Livestream von Pro7 hat zwar ein paar Ruckler, aber das kann bestimmt auch an was anderem liegen.

Es ist aber deutlich besser als noch vor ein paar Stunden

Lieben Gruß, lillisam

Alt 25.10.2015, 15:22   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hm...also Malware sehe ich keine. Kann es sein, dass Dir jemand eine Office-Raubkopie installiert hat? Da muss man schon aufpassen. Cracks & Co. sind praktisch immer verseucht.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 25.10.2015, 15:51   #11
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hi,

ne eigentlich kann das nicht sein.

Ich hab aber auch immer das Gefühl, wenn ich mal den Taskmanager anschmeisse und mir die aktiven Prozesse anschaue, dass da so einiges vor sich geht. Da ich aber leider meist nicht verstehe, was das für Prozesse sind, lass ich die einfach machen.

Aber ich kann nur nochmal betonen, dass es seit gestern besser ist. Vor allem ist mir beim herunterfahren auch aufgefallen, dass dies problemlos ging. Vorher poppte immer ein Fenster auf, das angab, dass noch ein Programm beendet werden müsse, aber nie angezeigt wurde was für ein Programm (ich hoffe du verstehst, was ich meine)?

Gruß, lillisam

Alt 25.10.2015, 16:29   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Wie gesagt, aktive Malware ist da keine zu sehen. Der TFC hat ja etwas den PC entmüllt. Weiteren Support brauchst Du eigentlich nicht, diesen würde ich Dir auch erst nach Entfernung
des gecrackten Office geben können.

http://www.trojaner-board.de/95394-c...-software.html

Code:
ATTFilter
Task: {BF901E49-5A45-4C20-9A61-A92CEA2BABF4} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-12-21] ()
         
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 25.10.2015, 17:20   #13
lillisam
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



Hi,

alles klar. Viele Dank für deine Hilfe und dass du alles so genau und verständlich erklärt hast

Liebe Grüße und noch einen schönen Rest-Sonntag, lillisam

Alt 25.10.2015, 17:25   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Standard

Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn



OK.

Machs gut.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn
500gb, antivir, auslastung, besser, computer, cpu, cpu auslastung, cpu-auslastung, diverse, dvd, firefox, heute, intel, langsamer, laptop, lenovo, lüfter, nicht mehr, nichts, ram, sache, scan, schießt, surfen, virenscan, win, youtube



Ähnliche Themen: Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn


  1. Datenträgerauslastung ständig auf 100%-iger Auslastung, Lüfter dreht permanent, Notebook wird heiß
    Plagegeister aller Art und deren Bekämpfung - 14.06.2015 (3)
  2. Laptop wird immer langsamer - Lüfter arbeitet auf Hochtouren
    Plagegeister aller Art und deren Bekämpfung - 14.05.2015 (9)
  3. Laptop Lüfter wird zu heiss und PC verabschiedet sich!
    Plagegeister aller Art und deren Bekämpfung - 13.02.2015 (8)
  4. Lollipop Virus auf Laptop , Laptop wird immer Langsamer! Deinstellieren fehlerhaft
    Log-Analyse und Auswertung - 03.02.2014 (3)
  5. Laptop wird zu heiß, neuer Lüfter notwendig?
    Netzwerk und Hardware - 20.06.2013 (5)
  6. Prozessor auslastung Hoch und langsamer Start
    Plagegeister aller Art und deren Bekämpfung - 02.08.2010 (21)
  7. Laptop fährt langsamer hoch
    Log-Analyse und Auswertung - 25.12.2008 (6)
  8. Mein PC treibt mich in den Wahnsinn
    Log-Analyse und Auswertung - 02.10.2008 (0)
  9. Unbekannter Virus treibt mich in den Wahnsinn
    Plagegeister aller Art und deren Bekämpfung - 19.03.2008 (4)
  10. TR/Dldr.ConHook.Gen treibt mich in den Wahnsinn
    Log-Analyse und Auswertung - 22.06.2007 (2)
  11. TR/Drop.Small.apk treibt mich in den Wahnsinn...
    Plagegeister aller Art und deren Bekämpfung - 01.09.2006 (1)
  12. Popup treibt mich in den Wahnsinn...
    Plagegeister aller Art und deren Bekämpfung - 01.03.2006 (12)
  13. Firefoxx Treibt Mich In Den Wahnsinn
    Plagegeister aller Art und deren Bekämpfung - 04.11.2005 (1)
  14. trojan.hosts --- er treibt mich in den wahnsinn !!!
    Plagegeister aller Art und deren Bekämpfung - 01.12.2004 (4)
  15. Hilfe! bargains.exe treibt mich in den Wahnsinn
    Log-Analyse und Auswertung - 21.11.2004 (5)
  16. BDS/Agent treibt mich in den Wahnsinn!
    Log-Analyse und Auswertung - 26.10.2004 (8)
  17. Hijacker treibt mich in den Wahnsinn!
    Log-Analyse und Auswertung - 11.09.2004 (3)

Zum Thema Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn - Liebes Team von Trojaner-Board, ich wende mich heute an euch, da ich leider nicht mehr weiter weiß. Seit einiger Zeit wird mein Laptop (Lenovo B570; Intel Core i3 2310M, 2,1GHz, - Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn...
Archiv
Du betrachtest: Laptop wird langsamer, CPU Auslastung oftmals ziemlich hoch und treibt den Lüfter in den Wahnsinn auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.