Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Laptop hat ständig hohe Auslastung und friert ein

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.02.2016, 14:11   #1
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



fGuten Tag,

dieser Laptop hat ständig eine hohe Auslastung zwischen 60% bis zu 100% und friert ständig ein. Es wäre sehr freundlich wenn mir jemand damit helfen könnte herauszufinden ob es an der Software liegt oder schlicht und einfach daran das er schon ein bisschen älter ist und die Hardware nicht mehr mit macht oder ähnliches.

Vielen Dank im voraus!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (09-02-2016 14:01:22)
Gestartet von C:\Users\l e n o v o_T400\Downloads
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\00 Patrick\Steam\Steam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\ATFUS: 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe -update plugin
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\MountPoints2: {091b345c-7992-11e5-bf0c-00216b9b33c8} - E:\LaunchU3.exe -a
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\MountPoints2: {66793dfa-906b-11e5-812e-002268e88b1a} - E:\Startme.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-09] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25]
FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert]
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
S3 Origin Client Service; C:\00 Patrick\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-03] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 13:54 - 2016-02-09 14:01 - 00014093 _____ C:\Users\l e n o v o_T400\Downloads\FRST.txt
2016-02-09 13:53 - 2016-02-09 13:53 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2016-02-09 13:53 - 2016-02-09 13:53 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Avira
2016-02-09 13:50 - 2015-12-03 15:24 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-02-09 13:50 - 2015-12-03 15:24 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-09 13:50 - 2015-12-03 15:24 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-02-09 13:50 - 2015-12-03 15:24 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954}
2016-02-09 13:46 - 2016-02-09 13:52 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-09 13:46 - 2016-02-09 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-09 13:46 - 2016-02-09 13:50 - 00000000 ____D C:\ProgramData\Avira
2016-02-09 13:45 - 2016-02-09 13:45 - 05427168 _____ (Avira Operations GmbH & Co. KG) C:\Users\l e n o v o_T400\Downloads\avira_de_av_56b9df3c40868__ws.exe
2016-02-09 13:40 - 2016-02-09 13:40 - 00064169 _____ C:\Users\l e n o v o_T400\Desktop\bookmarks.html
2016-02-09 13:26 - 2016-02-09 14:01 - 00000000 ____D C:\FRST
2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Downloads\FRST64.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-09 13:49 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype
2016-02-09 13:45 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-09 13:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 13:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-09 13:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 13:39 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-09 13:35 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-09 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-09 13:29 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-09 13:29 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-09 13:19 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2016-02-09 13:19 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2016-02-09 13:19 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-09 13:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini

Einige Dateien in TEMP:
====================
C:\Users\l e n o v o_T400\AppData\Local\Temp\avgnt.exe
C:\Users\l e n o v o_T400\AppData\Local\Temp\BRSVC_1212424_hlp.exe
C:\Users\l e n o v o_T400\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\l e n o v o_T400\AppData\Local\Temp\KUIU.EXE
C:\Users\l e n o v o_T400\AppData\Local\Temp\SkypeSetup.exe
C:\Users\l e n o v o_T400\AppData\Local\Temp\xmlUpdater.exe
C:\Users\l e n o v o_T400\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-30 19:36

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-09 14:02:03)
Gestartet von C:\Users\l e n o v o_T400\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled)
Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled)
l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version:  - 11 bit studios)
ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
Final Dusk (HKLM-x32\...\Steam App 337420) (Version:  - Light Echo)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.0.1980 - Electronic Arts, Inc.)
Outland (HKLM-x32\...\Steam App 305050) (Version:  - Housemarque)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {48F344EF-7EBF-49A9-8651-F290FF620395} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {78F84751-14B5-4A91-8DDD-1F0E4E255997} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {E6F170B4-1D97-4C90-B422-CB454FAEC109} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe
2008-12-20 03:20 - 2015-10-27 11:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-04 23:33 - 2012-05-04 23:33 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-11-25 12:58 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-29 21:03 - 2015-11-10 20:55 - 00778752 _____ () C:\00 Patrick\Steam\SDL2.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 04962816 _____ () C:\00 Patrick\Steam\v8.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01556992 _____ () C:\00 Patrick\Steam\icui18n.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01187840 _____ () C:\00 Patrick\Steam\icuuc.dll
2015-10-29 21:03 - 2015-12-14 21:01 - 02547280 _____ () C:\00 Patrick\Steam\video.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 02549248 _____ () C:\00 Patrick\Steam\libavcodec-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00442880 _____ () C:\00 Patrick\Steam\libavutil-54.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00491008 _____ () C:\00 Patrick\Steam\libavformat-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00332800 _____ () C:\00 Patrick\Steam\libavresample-2.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00485888 _____ () C:\00 Patrick\Steam\libswscale-3.dll
2015-10-29 21:03 - 2015-12-14 21:01 - 00804432 _____ () C:\00 Patrick\Steam\bin\chromehtml.DLL
2015-10-29 21:02 - 2015-11-03 23:00 - 00201728 _____ () C:\00 Patrick\Steam\bin\openvr_api.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-10-29 21:03 - 2015-11-17 01:31 - 47846176 _____ () C:\00 Patrick\Steam\bin\libcef.dll
2015-10-29 21:02 - 2015-09-25 00:56 - 00119208 _____ () C:\00 Patrick\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869
FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900
FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{67D5512F-BEAE-45A9-9BEB-6B086F0F0053}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{2284D28E-060F-40F6-894C-82B3B949E543}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe

==================== Wiederherstellungspunkte =========================

03-01-2016 19:35:35 DirectX wurde installiert
05-01-2016 12:18:37 Windows Update
01-02-2016 08:25:46 Windows Update
09-02-2016 13:17:41 Windows Update
09-02-2016 13:30:00 Removed WestwoodOnline

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/09/2016 01:14:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 10:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2016 08:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2016 07:10:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2016 12:15:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/07/2016 07:34:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/06/2016 12:10:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/05/2016 12:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2016 11:52:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2016 09:05:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (02/09/2016 02:01:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:59:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:57:12 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:55:12 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:53:58 PM) (Source: TPM) (EventID: 15) (User: )
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten.

Error: (02/09/2016 01:53:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:51:13 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:49:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:47:11 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/09/2016 01:45:13 PM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
Prozentuale Nutzung des RAM: 77%
Installierter physikalischer RAM: 1990.02 MB
Verfügbarer physikalischer RAM: 439.02 MB
Summe virtueller Speicher: 4976.02 MB
Verfügbarer virtueller Speicher: 2011.19 MB

==================== Laufwerke ================================

Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:167.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 10.02.2016, 13:32   #2
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 10.02.2016, 14:01   #3
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Musste es auf zwei Posts aufteilen. Hoffe es fehlt nichts.

Code:
ATTFilter
13:49:31.0733 0x0fb8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:49:36.0147 0x0fb8  ============================================================
13:49:36.0147 0x0fb8  Current date / time: 2016/02/10 13:49:36.0147
13:49:36.0147 0x0fb8  SystemInfo:
13:49:36.0147 0x0fb8  
13:49:36.0147 0x0fb8  OS Version: 6.1.7601 ServicePack: 1.0
13:49:36.0147 0x0fb8  Product type: Workstation
13:49:36.0147 0x0fb8  ComputerName: LENOVO_T400-PC
13:49:36.0147 0x0fb8  UserName: l e n o v o_T400
13:49:36.0147 0x0fb8  Windows directory: C:\Windows
13:49:36.0147 0x0fb8  System windows directory: C:\Windows
13:49:36.0147 0x0fb8  Running under WOW64
13:49:36.0147 0x0fb8  Processor architecture: Intel x64
13:49:36.0147 0x0fb8  Number of processors: 2
13:49:36.0147 0x0fb8  Page size: 0x1000
13:49:36.0147 0x0fb8  Boot type: Normal boot
13:49:36.0147 0x0fb8  ============================================================
13:49:36.0937 0x0fb8  KLMD registered as C:\Windows\system32\drivers\30643625.sys
13:49:37.0888 0x0fb8  System UUID: {5B1F67BF-DE8A-8576-05DD-CA5567F48681}
13:49:38.0571 0x0fb8  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x8134, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
13:49:38.0581 0x0fb8  ============================================================
13:49:38.0581 0x0fb8  \Device\Harddisk0\DR0:
13:49:38.0581 0x0fb8  MBR partitions:
13:49:38.0581 0x0fb8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:49:38.0581 0x0fb8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
13:49:38.0581 0x0fb8  ============================================================
13:49:38.0581 0x0fb8  C: <-> \Device\Harddisk0\DR0\Partition2
13:49:38.0591 0x0fb8  ============================================================
13:49:38.0591 0x0fb8  Initialize success
13:49:38.0591 0x0fb8  ============================================================
13:49:40.0291 0x12fc  ============================================================
13:49:40.0291 0x12fc  Scan started
13:49:40.0291 0x12fc  Mode: Manual; 
13:49:40.0291 0x12fc  ============================================================
13:49:40.0291 0x12fc  KSN ping started
13:49:43.0207 0x12fc  KSN ping finished: true
13:49:43.0327 0x12fc  ================ Scan system memory ========================
13:49:43.0327 0x12fc  System memory - ok
13:49:43.0327 0x12fc  ================ Scan services =============================
13:49:43.0389 0x12fc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:49:43.0399 0x12fc  1394ohci - ok
13:49:43.0429 0x12fc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:49:43.0439 0x12fc  ACPI - ok
13:49:43.0449 0x12fc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:49:43.0459 0x12fc  AcpiPmi - ok
13:49:43.0469 0x12fc  [ 92E9D1DEBDC9C6C367064EA403C68874, 8666A595BA2FBB4EAC66DE662B15143993A82033BF02C4DA0B8B3D7004286CDB ] ADMonitor       C:\Windows\system32\ADMonitor.exe
13:49:43.0529 0x12fc  ADMonitor - ok
13:49:43.0539 0x12fc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:49:43.0549 0x12fc  AdobeARMservice - ok
13:49:43.0619 0x12fc  [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:49:43.0769 0x12fc  AdobeFlashPlayerUpdateSvc - ok
13:49:43.0789 0x12fc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:49:43.0809 0x12fc  adp94xx - ok
13:49:43.0829 0x12fc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:49:43.0849 0x12fc  adpahci - ok
13:49:43.0869 0x12fc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:49:43.0879 0x12fc  adpu320 - ok
13:49:43.0889 0x12fc  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:49:43.0889 0x12fc  AeLookupSvc - ok
13:49:43.0909 0x12fc  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
13:49:43.0919 0x12fc  AFD - ok
13:49:43.0929 0x12fc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:49:43.0939 0x12fc  agp440 - ok
13:49:43.0939 0x12fc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:49:43.0949 0x12fc  ALG - ok
13:49:43.0959 0x12fc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:49:43.0959 0x12fc  aliide - ok
13:49:43.0969 0x12fc  [ F23C8B2011900E7D0F1940CA75975B90, D9E9907D8C71BE92D36FF1287F81D3C87CA3F2AC07229D2B53284473ED0B688A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:49:43.0989 0x12fc  AMD External Events Utility - ok
13:49:43.0989 0x12fc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:49:43.0999 0x12fc  amdide - ok
13:49:44.0009 0x12fc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:49:44.0019 0x12fc  AmdK8 - ok
13:49:44.0239 0x12fc  [ F9F4A7CC75C3101AD5A66FD035525CC3, 9D13EEA4EB7F3A8E97BC3BF874E6A6FD789CFDE0B6B29B649F86CBE6FAF68EA2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:49:44.0471 0x12fc  amdkmdag - ok
13:49:44.0503 0x12fc  [ 7FDAAE73445C2C9F8360AB45E22C03BE, 012825F5EC538CCB8A194BA8914D1DBCB283D5125C04B2B065909717CDCCA5BA ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:49:44.0519 0x12fc  amdkmdap - ok
13:49:44.0525 0x12fc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:49:44.0535 0x12fc  AmdPPM - ok
13:49:44.0535 0x12fc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:49:44.0555 0x12fc  amdsata - ok
13:49:44.0565 0x12fc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:49:44.0575 0x12fc  amdsbs - ok
13:49:44.0585 0x12fc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:49:44.0595 0x12fc  amdxata - ok
13:49:44.0625 0x12fc  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
13:49:44.0755 0x12fc  AntiVirMailService - ok
13:49:44.0775 0x12fc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
13:49:44.0785 0x12fc  AntiVirSchedulerService - ok
13:49:44.0805 0x12fc  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
13:49:44.0825 0x12fc  AntiVirService - ok
13:49:44.0865 0x12fc  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
13:49:44.0985 0x12fc  AntiVirWebService - ok
13:49:44.0995 0x12fc  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
13:49:45.0005 0x12fc  AppID - ok
13:49:45.0015 0x12fc  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:49:45.0025 0x12fc  AppIDSvc - ok
13:49:45.0035 0x12fc  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
13:49:45.0045 0x12fc  Appinfo - ok
13:49:45.0055 0x12fc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:49:45.0065 0x12fc  arc - ok
13:49:45.0075 0x12fc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:49:45.0085 0x12fc  arcsas - ok
13:49:45.0105 0x12fc  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:49:45.0125 0x12fc  aspnet_state - ok
13:49:45.0135 0x12fc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:49:45.0145 0x12fc  AsyncMac - ok
13:49:45.0145 0x12fc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:49:45.0145 0x12fc  atapi - ok
13:49:45.0367 0x12fc  [ F9F4A7CC75C3101AD5A66FD035525CC3, 9D13EEA4EB7F3A8E97BC3BF874E6A6FD789CFDE0B6B29B649F86CBE6FAF68EA2 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:49:45.0497 0x12fc  atikmdag - ok
13:49:45.0587 0x12fc  [ 7FE1E7697D611E3638E237543D51B56A, 0F43CFF95EF4DC54E4E5BD78A9A8A06507490C28C465E51ED764F6C746122469 ] ATService       C:\Windows\system32\ATService.exe
13:49:45.0657 0x12fc  ATService - ok
13:49:45.0687 0x12fc  [ 599FDE158B87EB33538FB0CEA1A5813F, F1470CD94A778CCCFC3FC89AA3D0F9FF62BD151A8E94C1EE1102ECE76729B008 ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
13:49:45.0737 0x12fc  ATSwpWDF - ok
13:49:45.0757 0x12fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:49:45.0787 0x12fc  AudioEndpointBuilder - ok
13:49:45.0807 0x12fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:49:45.0817 0x12fc  AudioSrv - ok
13:49:45.0827 0x12fc  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:49:45.0867 0x12fc  avgntflt - ok
13:49:45.0877 0x12fc  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:49:45.0917 0x12fc  avipbb - ok
13:49:45.0927 0x12fc  [ DFF7C7E8DB2A8F520BF0550AAD17FF99, 350E4E41E3932B155C93A061B7209645969FD6EE597CF5BBF4BBF7AB0EBBB7FD ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:49:45.0937 0x12fc  Avira.ServiceHost - ok
13:49:45.0937 0x12fc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:49:45.0947 0x12fc  avkmgr - ok
13:49:45.0957 0x12fc  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
13:49:45.0997 0x12fc  avnetflt - ok
13:49:45.0997 0x12fc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:49:46.0017 0x12fc  AxInstSV - ok
13:49:46.0037 0x12fc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:49:46.0069 0x12fc  b06bdrv - ok
13:49:46.0089 0x12fc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:49:46.0114 0x12fc  b57nd60a - ok
13:49:46.0123 0x12fc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:49:46.0137 0x12fc  BDESVC - ok
13:49:46.0142 0x12fc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:49:46.0148 0x12fc  Beep - ok
13:49:46.0169 0x12fc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:49:46.0202 0x12fc  BFE - ok
13:49:46.0235 0x12fc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:49:46.0291 0x12fc  BITS - ok
13:49:46.0301 0x12fc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:49:46.0311 0x12fc  blbdrive - ok
13:49:46.0321 0x12fc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:49:46.0331 0x12fc  bowser - ok
13:49:46.0336 0x12fc  BRDriver64_1_3_3_E02B25FC - ok
13:49:46.0341 0x12fc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:49:46.0343 0x12fc  BrFiltLo - ok
13:49:46.0343 0x12fc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:49:46.0353 0x12fc  BrFiltUp - ok
13:49:46.0363 0x12fc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:49:46.0373 0x12fc  Browser - ok
13:49:46.0393 0x12fc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:49:46.0413 0x12fc  Brserid - ok
13:49:46.0413 0x12fc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:49:46.0423 0x12fc  BrSerWdm - ok
13:49:46.0433 0x12fc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:49:46.0433 0x12fc  BrUsbMdm - ok
13:49:46.0443 0x12fc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:49:46.0443 0x12fc  BrUsbSer - ok
13:49:46.0453 0x12fc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
13:49:46.0463 0x12fc  BthEnum - ok
13:49:46.0463 0x12fc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:49:46.0473 0x12fc  BTHMODEM - ok
13:49:46.0483 0x12fc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:49:46.0493 0x12fc  BthPan - ok
13:49:46.0503 0x12fc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:49:46.0523 0x12fc  BTHPORT - ok
13:49:46.0533 0x12fc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:49:46.0543 0x12fc  bthserv - ok
13:49:46.0553 0x12fc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:49:46.0563 0x12fc  BTHUSB - ok
13:49:46.0573 0x12fc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:49:46.0583 0x12fc  cdfs - ok
13:49:46.0593 0x12fc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:49:46.0613 0x12fc  cdrom - ok
13:49:46.0623 0x12fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:49:46.0643 0x12fc  CertPropSvc - ok
13:49:46.0643 0x12fc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:49:46.0653 0x12fc  circlass - ok
13:49:46.0663 0x12fc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
13:49:46.0673 0x12fc  CLFS - ok
13:49:46.0693 0x12fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:49:46.0703 0x12fc  clr_optimization_v2.0.50727_32 - ok
13:49:46.0713 0x12fc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:49:46.0723 0x12fc  clr_optimization_v2.0.50727_64 - ok
13:49:46.0753 0x12fc  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:49:46.0773 0x12fc  clr_optimization_v4.0.30319_32 - ok
13:49:46.0783 0x12fc  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:49:46.0793 0x12fc  clr_optimization_v4.0.30319_64 - ok
13:49:46.0813 0x12fc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:49:46.0813 0x12fc  CmBatt - ok
13:49:46.0823 0x12fc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:49:46.0823 0x12fc  cmdide - ok
13:49:46.0843 0x12fc  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:49:46.0863 0x12fc  CNG - ok
13:49:46.0873 0x12fc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:49:46.0873 0x12fc  Compbatt - ok
13:49:46.0883 0x12fc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:49:46.0893 0x12fc  CompositeBus - ok
13:49:46.0893 0x12fc  COMSysApp - ok
13:49:46.0903 0x12fc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:49:46.0913 0x12fc  crcdisk - ok
13:49:46.0923 0x12fc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:49:46.0943 0x12fc  CryptSvc - ok
13:49:46.0953 0x12fc  DAUpdaterSvc - ok
13:49:46.0953 0x12fc  [ 881D881EA7B54BA294F01FD028F034BD, F79569D463C98374DEE491D0C6FD1D916E27CFB8B0529113B8229C9751DDBDD8 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
13:49:46.0973 0x12fc  dc3d - ok
13:49:46.0993 0x12fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:49:47.0013 0x12fc  DcomLaunch - ok
13:49:47.0023 0x12fc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:49:47.0043 0x12fc  defragsvc - ok
13:49:47.0053 0x12fc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:49:47.0063 0x12fc  DfsC - ok
13:49:47.0073 0x12fc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:49:47.0093 0x12fc  Dhcp - ok
13:49:47.0133 0x12fc  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:49:47.0175 0x12fc  DiagTrack - ok
13:49:47.0185 0x12fc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:49:47.0185 0x12fc  discache - ok
13:49:47.0195 0x12fc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:49:47.0205 0x12fc  Disk - ok
13:49:47.0215 0x12fc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:49:47.0235 0x12fc  Dnscache - ok
13:49:47.0245 0x12fc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:49:47.0265 0x12fc  dot3svc - ok
13:49:47.0275 0x12fc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:49:47.0295 0x12fc  DPS - ok
13:49:47.0295 0x12fc  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:49:47.0315 0x12fc  drmkaud - ok
13:49:47.0315 0x12fc  [ 369E422B4BB5641718D212F713E646D0, 72D0A3692FCE903A08ADB3F7D619D67ED063539131C39C63CAE250E0D2D4307B ] dtsvc           C:\Windows\system32\DTS.exe
13:49:47.0365 0x12fc  dtsvc - ok
13:49:47.0395 0x12fc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:49:47.0425 0x12fc  DXGKrnl - ok
13:49:47.0445 0x12fc  [ D608110ADB132E683360FCA0F6B2BB53, 99CD78973BB16B2CD37F5AA451876DB06E9DC1757F7B6BBA51241936C6E85EFE ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
13:49:47.0465 0x12fc  e1yexpress - ok
13:49:47.0475 0x12fc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:49:47.0475 0x1374  Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
13:49:47.0485 0x12fc  EapHost - ok
13:49:47.0575 0x12fc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:49:47.0685 0x12fc  ebdrv - ok
13:49:47.0695 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS             C:\Windows\System32\lsass.exe
13:49:47.0705 0x12fc  EFS - ok
13:49:47.0725 0x12fc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:49:47.0755 0x12fc  ehRecvr - ok
13:49:47.0755 0x12fc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:49:47.0765 0x12fc  ehSched - ok
13:49:47.0795 0x12fc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:49:47.0825 0x12fc  elxstor - ok
13:49:47.0825 0x12fc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:49:47.0835 0x12fc  ErrDev - ok
13:49:47.0855 0x12fc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:49:47.0885 0x12fc  EventSystem - ok
13:49:47.0895 0x12fc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:49:47.0905 0x12fc  exfat - ok
13:49:47.0925 0x12fc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:49:47.0935 0x12fc  fastfat - ok
13:49:47.0965 0x12fc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:49:48.0005 0x12fc  Fax - ok
13:49:48.0005 0x12fc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:49:48.0015 0x12fc  fdc - ok
13:49:48.0025 0x12fc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:49:48.0025 0x12fc  fdPHost - ok
13:49:48.0035 0x12fc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:49:48.0045 0x12fc  FDResPub - ok
13:49:48.0055 0x12fc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:49:48.0065 0x12fc  FileInfo - ok
13:49:48.0065 0x12fc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:49:48.0075 0x12fc  Filetrace - ok
13:49:48.0085 0x12fc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:49:48.0095 0x12fc  flpydisk - ok
13:49:48.0105 0x12fc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:49:48.0125 0x12fc  FltMgr - ok
13:49:48.0155 0x12fc  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
13:49:48.0215 0x12fc  FontCache - ok
13:49:48.0225 0x12fc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:49:48.0235 0x12fc  FontCache3.0.0.0 - ok
13:49:48.0235 0x12fc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:49:48.0245 0x12fc  FsDepends - ok
13:49:48.0255 0x12fc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:49:48.0265 0x12fc  Fs_Rec - ok
13:49:48.0275 0x12fc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:49:48.0275 0x12fc  fvevol - ok
13:49:48.0285 0x12fc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:49:48.0295 0x12fc  gagp30kx - ok
13:49:48.0325 0x12fc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:49:48.0355 0x12fc  gpsvc - ok
13:49:48.0365 0x12fc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:49:48.0375 0x12fc  hcw85cir - ok
13:49:48.0395 0x12fc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:49:48.0425 0x12fc  HdAudAddService - ok
13:49:48.0435 0x12fc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:49:48.0445 0x12fc  HDAudBus - ok
13:49:48.0445 0x12fc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:49:48.0455 0x12fc  HidBatt - ok
13:49:48.0465 0x12fc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:49:48.0475 0x12fc  HidBth - ok
13:49:48.0475 0x12fc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:49:48.0485 0x12fc  HidIr - ok
13:49:48.0495 0x12fc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:49:48.0505 0x12fc  hidserv - ok
13:49:48.0515 0x12fc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:49:48.0525 0x12fc  HidUsb - ok
13:49:48.0535 0x12fc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:49:48.0555 0x12fc  hkmsvc - ok
13:49:48.0565 0x12fc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:49:48.0585 0x12fc  HomeGroupListener - ok
13:49:48.0595 0x12fc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:49:48.0615 0x12fc  HomeGroupProvider - ok
13:49:48.0625 0x12fc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:49:48.0635 0x12fc  HpSAMD - ok
13:49:48.0655 0x12fc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:49:48.0665 0x12fc  HTTP - ok
13:49:48.0675 0x12fc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:49:48.0675 0x12fc  hwpolicy - ok
13:49:48.0685 0x12fc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:49:48.0695 0x12fc  i8042prt - ok
13:49:48.0715 0x12fc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:49:48.0735 0x12fc  iaStorV - ok
13:49:48.0735 0x12fc  [ 99B71816BA253098E8374E641CB2F886, E65CAD462722DF165FC51EA27617445D4B6E2F59B0A1454F9DF2EFD841EF130A ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
13:49:48.0765 0x12fc  IBMPMDRV - ok
13:49:48.0775 0x12fc  [ 833139BADAEEA68515DD877BC800C1DF, 581B1823185391978D417C4607BF7EF2A09A0622C2FC677A5183040C76636434 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
13:49:48.0805 0x12fc  IBMPMSVC - ok
13:49:48.0835 0x12fc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:49:48.0855 0x12e4  Object required for P2P: [ DFF7C7E8DB2A8F520BF0550AAD17FF99 ] Avira.ServiceHost
13:49:48.0875 0x12fc  idsvc - ok
13:49:48.0875 0x12fc  IEEtwCollectorService - ok
13:49:49.0135 0x12fc  [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:49:49.0395 0x12fc  igfx - ok
13:49:49.0435 0x12fc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:49:49.0445 0x12fc  iirsp - ok
13:49:49.0465 0x12fc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:49:49.0495 0x12fc  IKEEXT - ok
13:49:49.0505 0x12fc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:49:49.0515 0x12fc  intelide - ok
13:49:49.0745 0x12fc  [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
13:49:50.0005 0x12fc  intelkmd - ok
13:49:50.0035 0x12fc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:49:50.0035 0x12fc  intelppm - ok
13:49:50.0045 0x12fc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:49:50.0065 0x12fc  IPBusEnum - ok
13:49:50.0065 0x12fc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:49:50.0075 0x12fc  IpFilterDriver - ok
13:49:50.0095 0x12fc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:49:50.0105 0x1374  Object send P2P result: true
13:49:50.0105 0x12fc  iphlpsvc - ok
13:49:50.0115 0x1374  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
13:49:50.0115 0x12fc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:49:50.0135 0x12fc  IPMIDRV - ok
13:49:50.0135 0x12fc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:49:50.0156 0x12fc  IPNAT - ok
13:49:50.0160 0x12fc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:49:50.0167 0x12fc  IRENUM - ok
13:49:50.0171 0x12fc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:49:50.0177 0x12fc  isapnp - ok
13:49:50.0187 0x12fc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:49:50.0207 0x12fc  iScsiPrt - ok
13:49:50.0217 0x12fc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:49:50.0227 0x12fc  kbdclass - ok
13:49:50.0227 0x12fc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:49:50.0247 0x12fc  kbdhid - ok
13:49:50.0257 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] KeyIso          C:\Windows\system32\lsass.exe
13:49:50.0257 0x12fc  KeyIso - ok
13:49:50.0267 0x12fc  [ 0F776895884B8DC430A307D57FD867BB, F9E8C8A04D757CEAD86938BEEFFAD9750589037E16FB1A2B0A90E4484E1A6B65 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:49:50.0277 0x12fc  KSecDD - ok
13:49:50.0287 0x12fc  [ 28E75F316CCCD79337E4957C53017D4B, 3BABDA50B4CE72F7F9A0FD7A33DDB19463A01F188D46354E0B411FC0389C01BE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:49:50.0287 0x12fc  KSecPkg - ok
13:49:50.0297 0x12fc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:49:50.0297 0x12fc  ksthunk - ok
13:49:50.0317 0x12fc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:49:50.0337 0x12fc  KtmRm - ok
13:49:50.0347 0x12fc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:49:50.0367 0x12fc  LanmanServer - ok
13:49:50.0367 0x12fc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:49:50.0387 0x12fc  LanmanWorkstation - ok
13:49:50.0387 0x12fc  [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys
13:49:50.0397 0x12fc  lenovo.smi - ok
13:49:50.0407 0x12fc  [ 606DA892A53FA863B67F8D3F8FF016A0, FB026285C07C8A77C1702698E40C2EA694B054C35C62E45C9A5C498BC94BAD49 ] LenovoRd        C:\Windows\system32\Drivers\LenovoRd.sys
13:49:50.0417 0x12fc  LenovoRd - ok
13:49:50.0427 0x12fc  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX64.sys
13:49:50.0427 0x12fc  LHDmgr - ok
13:49:50.0437 0x12fc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:49:50.0447 0x12fc  lltdio - ok
13:49:50.0457 0x12fc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:49:50.0477 0x12fc  lltdsvc - ok
13:49:50.0487 0x12fc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:49:50.0497 0x12fc  lmhosts - ok
13:49:50.0507 0x12fc  [ 7F697D6EB3E47FBC7757229DAEE406B4, 9F2C5ED88ACFB16FD5D2B9372A17D322BD816A57C00FB0BD0835A27A25616F94 ] LMS             C:\Program Files (x86)\Intel\AMT\LMS.exe
13:49:50.0507 0x12fc  LMS - ok
13:49:50.0517 0x12fc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:49:50.0527 0x12fc  LSI_FC - ok
13:49:50.0537 0x12fc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:49:50.0547 0x12fc  LSI_SAS - ok
13:49:50.0557 0x12fc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:49:50.0567 0x12fc  LSI_SAS2 - ok
13:49:50.0567 0x12fc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:49:50.0587 0x12fc  LSI_SCSI - ok
13:49:50.0587 0x12fc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:49:50.0607 0x12fc  luafv - ok
13:49:50.0607 0x12fc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:49:50.0627 0x12fc  Mcx2Svc - ok
13:49:50.0627 0x12fc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:49:50.0637 0x12fc  megasas - ok
13:49:50.0657 0x12fc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:49:50.0677 0x12fc  MegaSR - ok
13:49:50.0677 0x12fc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:49:50.0687 0x12fc  MMCSS - ok
13:49:50.0697 0x12fc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:49:50.0697 0x12fc  Modem - ok
13:49:50.0707 0x12fc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:49:50.0707 0x12fc  monitor - ok
13:49:50.0707 0x12fc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:49:50.0717 0x12fc  mouclass - ok
13:49:50.0727 0x12fc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:49:50.0747 0x12fc  mouhid - ok
13:49:50.0757 0x12fc  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:49:50.0757 0x12fc  mountmgr - ok
13:49:50.0767 0x12fc  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:49:50.0827 0x12fc  MozillaMaintenance - ok
13:49:50.0837 0x12fc  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:49:50.0857 0x12fc  MpFilter - ok
13:49:50.0867 0x12fc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:49:50.0887 0x12fc  mpio - ok
13:49:50.0897 0x12fc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:49:50.0907 0x12fc  mpsdrv - ok
13:49:50.0927 0x12fc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:49:50.0957 0x12fc  MpsSvc - ok
13:49:50.0967 0x12fc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:49:50.0987 0x12fc  MRxDAV - ok
13:49:50.0987 0x12fc  [ 32B85C4923D895B2FB35821A799BA38D, 7A7E5D08F745DB9B498B4BE946325FF7DAA7FA27589D9423FCA4558D20780026 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:49:51.0017 0x12fc  mrxsmb - ok
13:49:51.0027 0x12fc  [ A572BEF41F3C55D7DAF24D2340C91FEC, 1E51EEFEABCDCB664CD39437C2275B160860FB433EAA8DC905D5BC742FD03529 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:49:51.0047 0x12fc  mrxsmb10 - ok
13:49:51.0057 0x12fc  [ C49F1C4CA74FC52AFB2E892D8E50EA39, 9E7A2453627A82AFF4CE3F285AFF105C3F92F423C07E5C43E76BEC523841B8F7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:49:51.0087 0x12fc  mrxsmb20 - ok
13:49:51.0087 0x12fc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:49:51.0097 0x12fc  msahci - ok
13:49:51.0107 0x12fc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:49:51.0117 0x12fc  msdsm - ok
13:49:51.0127 0x12fc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:49:51.0137 0x12fc  MSDTC - ok
13:49:51.0147 0x12fc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:49:51.0157 0x12fc  Msfs - ok
13:49:51.0157 0x12fc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:49:51.0167 0x12fc  mshidkmdf - ok
13:49:51.0177 0x12fc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:49:51.0177 0x12fc  msisadrv - ok
13:49:51.0187 0x12fc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:49:51.0207 0x12fc  MSiSCSI - ok
13:49:51.0207 0x12fc  msiserver - ok
13:49:51.0217 0x12fc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:49:51.0227 0x12fc  MSKSSRV - ok
13:49:51.0227 0x12fc  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:49:51.0227 0x12fc  MsMpSvc - ok
13:49:51.0237 0x12fc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:49:51.0237 0x12fc  MSPCLOCK - ok
13:49:51.0247 0x12fc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:49:51.0247 0x12fc  MSPQM - ok
13:49:51.0267 0x12fc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:49:51.0287 0x12fc  MsRPC - ok
13:49:51.0297 0x12fc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:49:51.0297 0x12fc  mssmbios - ok
13:49:51.0297 0x12fc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:49:51.0307 0x12fc  MSTEE - ok
13:49:51.0317 0x12fc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:49:51.0317 0x12fc  MTConfig - ok
13:49:51.0327 0x12fc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:49:51.0337 0x12fc  Mup - ok
13:49:51.0347 0x12e4  Object send P2P result: true
13:49:51.0367 0x12fc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:49:51.0397 0x12fc  napagent - ok
13:49:51.0417 0x12fc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:49:51.0437 0x12fc  NativeWifiP - ok
13:49:51.0467 0x12fc  [ 6D8FCDD5BB3B676EF58FA234073492C6, 07A69DD00E45C59CBB6FABFBD62FE897655970BE2D09997CF29D20241ED9AF13 ] NBService       C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
13:49:51.0497 0x12fc  NBService - ok
13:49:51.0527 0x12fc  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:49:51.0547 0x12fc  NDIS - ok
13:49:51.0547 0x12fc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:49:51.0557 0x12fc  NdisCap - ok
13:49:51.0567 0x12fc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:49:51.0577 0x12fc  NdisTapi - ok
13:49:51.0577 0x12fc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:49:51.0587 0x12fc  Ndisuio - ok
13:49:51.0597 0x12fc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:49:51.0617 0x12fc  NdisWan - ok
13:49:51.0617 0x12fc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:49:51.0627 0x12fc  NDProxy - ok
13:49:51.0637 0x12fc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:49:51.0647 0x12fc  NetBIOS - ok
13:49:51.0657 0x12fc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:49:51.0667 0x12fc  NetBT - ok
13:49:51.0667 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] Netlogon        C:\Windows\system32\lsass.exe
13:49:51.0677 0x12fc  Netlogon - ok
13:49:51.0687 0x12fc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:49:51.0707 0x12fc  Netman - ok
13:49:51.0717 0x12fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:51.0747 0x12fc  NetMsmqActivator - ok
13:49:51.0757 0x12fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:51.0757 0x12fc  NetPipeActivator - ok
13:49:51.0767 0x12fc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:49:51.0797 0x12fc  netprofm - ok
13:49:51.0807 0x12fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:51.0807 0x12fc  NetTcpActivator - ok
13:49:51.0817 0x12fc  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:49:51.0817 0x12fc  NetTcpPortSharing - ok
13:49:51.0967 0x12fc  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
13:49:52.0127 0x12fc  NETw5s64 - ok
13:49:52.0277 0x12fc  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
13:49:52.0397 0x12fc  netw5v64 - ok
13:49:52.0417 0x12fc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:49:52.0427 0x12fc  nfrd960 - ok
13:49:52.0440 0x12fc  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:49:52.0456 0x12fc  NisDrv - ok
13:49:52.0473 0x12fc  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:49:52.0479 0x12fc  NisSrv - ok
13:49:52.0489 0x12fc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:49:52.0509 0x12fc  NlaSvc - ok
13:49:52.0529 0x12fc  [ E584D6668E6A3923FF32E026A5ED2A03, 5DB5BE3410989AD92B2B4F48C363659D93E808A81411CE0DFA28098D2EA19DE3 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
13:49:52.0559 0x12fc  NMIndexingService - ok
13:49:52.0569 0x12fc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:49:52.0579 0x12fc  Npfs - ok
13:49:52.0579 0x12fc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:49:52.0589 0x12fc  nsi - ok
13:49:52.0599 0x12fc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:49:52.0599 0x12fc  nsiproxy - ok
13:49:52.0649 0x12fc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:49:52.0719 0x12fc  Ntfs - ok
13:49:52.0729 0x12fc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:49:52.0729 0x12fc  Null - ok
13:49:52.0739 0x12fc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:49:52.0749 0x12fc  nvraid - ok
13:49:52.0759 0x12fc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:49:52.0769 0x12fc  nvstor - ok
13:49:52.0779 0x12fc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:49:52.0789 0x12fc  nv_agp - ok
13:49:52.0789 0x12fc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:49:52.0799 0x12fc  ohci1394 - ok
13:49:52.0819 0x12fc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:49:52.0829 0x12fc  p2pimsvc - ok
13:49:52.0849 0x12fc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:49:52.0879 0x12fc  p2psvc - ok
13:49:52.0889 0x12fc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:49:52.0909 0x12fc  Parport - ok
13:49:52.0909 0x12fc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:49:52.0919 0x12fc  partmgr - ok
13:49:52.0929 0x12fc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:49:52.0949 0x12fc  PcaSvc - ok
13:49:52.0959 0x12fc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:49:52.0969 0x12fc  pci - ok
13:49:52.0969 0x12fc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:49:52.0979 0x12fc  pciide - ok
13:49:52.0989 0x12fc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:49:53.0009 0x12fc  pcmcia - ok
13:49:53.0019 0x12fc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:49:53.0029 0x12fc  pcw - ok
13:49:53.0049 0x12fc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:49:53.0069 0x12fc  PEAUTH - ok
13:49:53.0099 0x12fc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:49:53.0139 0x12fc  PerfHost - ok
13:49:53.0189 0x12fc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:49:53.0229 0x12fc  pla - ok
13:49:53.0249 0x12fc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:49:53.0279 0x12fc  PlugPlay - ok
13:49:53.0289 0x12fc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:49:53.0299 0x12fc  PNRPAutoReg - ok
13:49:53.0319 0x12fc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:49:53.0329 0x12fc  PNRPsvc - ok
13:49:53.0349 0x12fc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:49:53.0379 0x12fc  PolicyAgent - ok
13:49:53.0389 0x12fc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:49:53.0399 0x12fc  Power - ok
13:49:53.0409 0x12fc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:49:53.0419 0x12fc  PptpMiniport - ok
13:49:53.0429 0x12fc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:49:53.0439 0x12fc  Processor - ok
13:49:53.0449 0x12fc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:49:53.0469 0x12fc  ProfSvc - ok
13:49:53.0479 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe
13:49:53.0479 0x12fc  ProtectedStorage - ok
13:49:53.0489 0x12fc  [ C2C5F5D150605FD14FA2ABDE88DB2020, 1AE35D1FB3C48EC725013F840F7FEC09D2511D9FAE0D6902CF5BF52447A18857 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
13:49:53.0499 0x12fc  psadd - ok
13:49:53.0509 0x12fc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:49:53.0509 0x12fc  Psched - ok
13:49:53.0559 0x12fc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:49:53.0599 0x12fc  ql2300 - ok
13:49:53.0609 0x12fc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:49:53.0619 0x12fc  ql40xx - ok
13:49:53.0629 0x12fc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:49:53.0659 0x12fc  QWAVE - ok
13:49:53.0659 0x12fc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:49:53.0669 0x12fc  QWAVEdrv - ok
13:49:53.0669 0x12fc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:49:53.0679 0x12fc  RasAcd - ok
13:49:53.0679 0x12fc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:49:53.0689 0x12fc  RasAgileVpn - ok
13:49:53.0699 0x12fc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:49:53.0719 0x12fc  RasAuto - ok
13:49:53.0729 0x12fc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:49:53.0739 0x12fc  Rasl2tp - ok
13:49:53.0759 0x12fc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:49:53.0779 0x12fc  RasMan - ok
13:49:53.0789 0x12fc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:49:53.0799 0x12fc  RasPppoe - ok
13:49:53.0809 0x12fc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:49:53.0819 0x12fc  RasSstp - ok
13:49:53.0829 0x12fc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:49:53.0859 0x12fc  rdbss - ok
13:49:53.0859 0x12fc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:49:53.0869 0x12fc  rdpbus - ok
13:49:53.0869 0x12fc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:49:53.0879 0x12fc  RDPCDD - ok
13:49:53.0879 0x12fc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:49:53.0879 0x12fc  RDPENCDD - ok
13:49:53.0889 0x12fc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:49:53.0889 0x12fc  RDPREFMP - ok
13:49:53.0899 0x12fc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:49:53.0909 0x12fc  RdpVideoMiniport - ok
13:49:53.0909 0x12fc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:49:53.0929 0x12fc  RDPWD - ok
13:49:53.0939 0x12fc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:49:53.0959 0x12fc  rdyboost - ok
13:49:53.0959 0x12fc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:49:53.0979 0x12fc  RemoteAccess - ok
13:49:53.0989 0x12fc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:49:54.0009 0x12fc  RemoteRegistry - ok
13:49:54.0019 0x12fc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:49:54.0029 0x12fc  RFCOMM - ok
13:49:54.0039 0x12fc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:49:54.0049 0x12fc  RpcEptMapper - ok
13:49:54.0049 0x12fc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:49:54.0059 0x12fc  RpcLocator - ok
13:49:54.0079 0x12fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:49:54.0089 0x12fc  RpcSs - ok
13:49:54.0099 0x12fc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:49:54.0109 0x12fc  rspndr - ok
13:49:54.0109 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs           C:\Windows\system32\lsass.exe
13:49:54.0119 0x12fc  SamSs - ok
13:49:54.0119 0x12fc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:49:54.0139 0x12fc  sbp2port - ok
13:49:54.0149 0x12fc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:49:54.0169 0x12fc  SCardSvr - ok
13:49:54.0169 0x12fc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:49:54.0179 0x12fc  scfilter - ok
13:49:54.0209 0x12fc  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
13:49:54.0249 0x12fc  Schedule - ok
13:49:54.0259 0x12fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:49:54.0259 0x12fc  SCPolicySvc - ok
13:49:54.0269 0x12fc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:49:54.0289 0x12fc  SDRSVC - ok
13:49:54.0299 0x12fc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:49:54.0309 0x12fc  secdrv - ok
13:49:54.0309 0x12fc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:49:54.0329 0x12fc  seclogon - ok
13:49:54.0329 0x12fc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:49:54.0339 0x12fc  SENS - ok
13:49:54.0349 0x12fc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:49:54.0359 0x12fc  SensrSvc - ok
13:49:54.0369 0x12fc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:49:54.0379 0x12fc  Serenum - ok
13:49:54.0379 0x12fc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:49:54.0399 0x12fc  Serial - ok
13:49:54.0399 0x12fc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:49:54.0409 0x12fc  sermouse - ok
13:49:54.0419 0x12fc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:49:54.0439 0x12fc  SessionEnv - ok
13:49:54.0439 0x12fc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:49:54.0449 0x12fc  sffdisk - ok
13:49:54.0449 0x12fc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:49:54.0459 0x12fc  sffp_mmc - ok
13:49:54.0459 0x12fc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:49:54.0469 0x12fc  sffp_sd - ok
13:49:54.0479 0x12fc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:49:54.0479 0x12fc  sfloppy - ok
13:49:54.0499 0x12fc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:49:54.0529 0x12fc  SharedAccess - ok
13:49:54.0539 0x12fc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:49:54.0559 0x12fc  ShellHWDetection - ok
13:49:54.0569 0x12fc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:49:54.0579 0x12fc  SiSRaid2 - ok
13:49:54.0579 0x12fc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:49:54.0589 0x12fc  SiSRaid4 - ok
13:49:54.0609 0x12fc  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:49:54.0619 0x12fc  SkypeUpdate - ok
13:49:54.0629 0x12fc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:49:54.0639 0x12fc  Smb - ok
13:49:54.0649 0x12fc  [ 7956FD22F1AC83057630975D2B9AA452, ACBA47559D97B1B3FBDD7D9C7F13918EA00D63D9194642692E89E05B2D304BDE ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
13:49:54.0679 0x12fc  SmbDrvI - ok
13:49:54.0679 0x12fc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:49:54.0689 0x12fc  SNMPTRAP - ok
13:49:54.0699 0x12fc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:49:54.0699 0x12fc  spldr - ok
13:49:54.0719 0x12fc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:49:54.0749 0x12fc  Spooler - ok
13:49:54.0829 0x12fc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:49:54.0919 0x12fc  sppsvc - ok
13:49:54.0939 0x12fc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:49:54.0949 0x12fc  sppuinotify - ok
13:49:54.0959 0x12fc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:49:54.0979 0x12fc  srv - ok
13:49:54.0999 0x12fc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:49:55.0019 0x12fc  srv2 - ok
13:49:55.0029 0x12fc  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:49:55.0049 0x12fc  SrvHsfHDA - ok
13:49:55.0099 0x12fc  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:49:55.0139 0x12fc  SrvHsfV92 - ok
13:49:55.0169 0x12fc  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:49:55.0189 0x12fc  SrvHsfWinac - ok
13:49:55.0199 0x12fc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:49:55.0219 0x12fc  srvnet - ok
13:49:55.0229 0x12fc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:49:55.0239 0x12fc  SSDPSRV - ok
13:49:55.0249 0x12fc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:49:55.0259 0x12fc  SstpSvc - ok
13:49:55.0289 0x12fc  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:49:55.0309 0x12fc  Steam Client Service - ok
13:49:55.0319 0x12fc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:49:55.0371 0x12fc  stexstor - ok
13:49:55.0389 0x12fc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:49:55.0411 0x12fc  stisvc - ok
13:49:55.0421 0x12fc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:49:55.0431 0x12fc  swenum - ok
13:49:55.0441 0x12fc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:49:55.0471 0x12fc  swprv - ok
13:49:55.0491 0x12fc  [ AFB9FC97DAC435B588EACD63C3174DAA, FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:49:55.0531 0x12fc  SynTP - ok
13:49:55.0581 0x12fc  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
13:49:55.0631 0x12fc  SysMain - ok
13:49:55.0641 0x12fc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:49:55.0661 0x12fc  TabletInputService - ok
13:49:55.0671 0x12fc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:49:55.0691 0x12fc  TapiSrv - ok
13:49:55.0691 0x12fc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:49:55.0701 0x12fc  TBS - ok
13:49:55.0943 0x1374  Object send P2P result: true
13:49:55.0943 0x1374  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
13:49:55.0973 0x12fc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:49:56.0285 0x12fc  Tcpip - ok
13:49:56.0457 0x12fc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:49:56.0497 0x12fc  TCPIP6 - ok
13:49:56.0527 0x12fc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:49:56.0559 0x12fc  tcpipreg - ok
13:49:56.0579 0x12fc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:49:56.0609 0x12fc  TDPIPE - ok
13:49:56.0629 0x12fc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:49:56.0659 0x12fc  TDTCP - ok
13:49:56.0689 0x12fc  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:49:56.0729 0x12fc  tdx - ok
13:49:56.0759 0x12fc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:49:56.0779 0x12fc  TermDD - ok
13:49:56.0899 0x12fc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
13:49:56.0929 0x12fc  TermService - ok
13:49:56.0939 0x12fc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:49:56.0949 0x12fc  Themes - ok
13:49:56.0959 0x12fc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:49:56.0959 0x12fc  THREADORDER - ok
13:49:56.0969 0x12fc  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
13:49:56.0969 0x12fc  TPM - ok
13:49:56.0979 0x12fc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:49:56.0989 0x12fc  TrkWks - ok
13:49:56.0999 0x12fc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:49:57.0009 0x12fc  TrustedInstaller - ok
13:49:57.0019 0x12fc  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:49:57.0029 0x12fc  tssecsrv - ok
13:49:57.0029 0x12fc  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:49:57.0039 0x12fc  TsUsbFlt - ok
13:49:57.0049 0x12fc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:49:57.0059 0x12fc  TsUsbGD - ok
13:49:57.0069 0x12fc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:49:57.0079 0x12fc  tunnel - ok
13:49:57.0079 0x12fc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:49:57.0089 0x12fc  uagp35 - ok
13:49:57.0099 0x12fc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:49:57.0119 0x12fc  udfs - ok
13:49:57.0129 0x12fc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:49:57.0139 0x12fc  UI0Detect - ok
13:49:57.0149 0x12fc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:49:57.0149 0x12fc  uliagpkx - ok
13:49:57.0159 0x12fc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:49:57.0173 0x12fc  umbus - ok
13:49:57.0178 0x12fc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:49:57.0186 0x12fc  UmPass - ok
13:49:57.0238 0x12fc  [ 86DEAC5CED845D55C63B125E0908685E, E9AC1AFFEEB657F16E3F2115C53B919FD43C917B1EDE97AFA0E18C02A8ACB2DD ] UNS             C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
13:49:57.0281 0x12fc  UNS - ok
13:49:57.0291 0x12fc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:49:57.0321 0x12fc  upnphost - ok
13:49:57.0321 0x12fc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:49:57.0331 0x12fc  usbaudio - ok
13:49:57.0341 0x12fc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:49:57.0361 0x12fc  usbccgp - ok
13:49:57.0371 0x12fc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:49:57.0381 0x12fc  usbcir - ok
13:49:57.0381 0x12fc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:49:57.0391 0x12fc  usbehci - ok
13:49:57.0401 0x12fc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:49:57.0421 0x12fc  usbhub - ok
13:49:57.0431 0x12fc  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:49:57.0431 0x12fc  usbohci - ok
13:49:57.0441 0x12fc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:49:57.0441 0x12fc  usbprint - ok
13:49:57.0451 0x12fc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:49:57.0471 0x12fc  USBSTOR - ok
13:49:57.0481 0x12fc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:49:57.0481 0x12fc  usbuhci - ok
13:49:57.0491 0x12fc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:49:57.0511 0x12fc  usbvideo - ok
13:49:57.0511 0x12fc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:49:57.0521 0x12fc  UxSms - ok
13:49:57.0521 0x12fc  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] VaultSvc        C:\Windows\system32\lsass.exe
13:49:57.0531 0x12fc  VaultSvc - ok
13:49:57.0531 0x12fc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:49:57.0541 0x12fc  vdrvroot - ok
13:49:57.0561 0x12fc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:49:57.0581 0x12fc  vds - ok
13:49:57.0581 0x12fc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:49:57.0591 0x12fc  vga - ok
13:49:57.0601 0x12fc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:49:57.0601 0x12fc  VgaSave - ok
13:49:57.0611 0x12fc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:49:57.0631 0x12fc  vhdmp - ok
13:49:57.0631 0x12fc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:49:57.0641 0x12fc  viaide - ok
13:49:57.0641 0x12fc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:49:57.0651 0x12fc  volmgr - ok
13:49:57.0661 0x12fc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:49:57.0671 0x12fc  volmgrx - ok
13:49:57.0691 0x12fc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:49:57.0701 0x12fc  volsnap - ok
13:49:57.0711 0x12fc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:49:57.0721 0x12fc  vsmraid - ok
13:49:57.0771 0x12fc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:49:57.0822 0x12fc  VSS - ok
13:49:57.0831 0x12fc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:49:57.0839 0x12fc  vwifibus - ok
13:49:57.0845 0x12fc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:49:57.0855 0x12fc  vwififlt - ok
13:49:57.0863 0x12fc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:49:57.0883 0x12fc  W32Time - ok
13:49:57.0893 0x12fc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:49:57.0903 0x12fc  WacomPen - ok
13:49:57.0903 0x12fc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:49:57.0913 0x12fc  WANARP - ok
13:49:57.0923 0x12fc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:49:57.0923 0x12fc  Wanarpv6 - ok
13:49:57.0963 0x12fc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:49:58.0003 0x12fc  wbengine - ok
13:49:58.0013 0x12fc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:49:58.0033 0x12fc  WbioSrvc - ok
13:49:58.0053 0x12fc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:49:58.0073 0x12fc  wcncsvc - ok
13:49:58.0073 0x12fc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:49:58.0093 0x12fc  WcsPlugInService - ok
13:49:58.0093 0x12fc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:49:58.0103 0x12fc  Wd - ok
13:49:58.0131 0x12fc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:49:58.0155 0x12fc  Wdf01000 - ok
13:49:58.0165 0x12fc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:49:58.0175 0x12fc  WdiServiceHost - ok
13:49:58.0185 0x12fc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:49:58.0185 0x12fc  WdiSystemHost - ok
13:49:58.0195 0x12fc  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
13:49:58.0222 0x12fc  WebClient - ok
13:49:58.0233 0x12fc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:49:58.0256 0x12fc  Wecsvc - ok
13:49:58.0263 0x12fc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:49:58.0277 0x12fc  wercplsupport - ok
13:49:58.0283 0x12fc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:49:58.0298 0x12fc  WerSvc - ok
13:49:58.0304 0x12fc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:49:58.0310 0x12fc  WfpLwf - ok
13:49:58.0314 0x12fc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:49:58.0321 0x12fc  WIMMount - ok
13:49:58.0325 0x12fc  WinDefend - ok
13:49:58.0327 0x12fc  WinHttpAutoProxySvc - ok
13:49:58.0347 0x12fc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:49:58.0357 0x12fc  Winmgmt - ok
13:49:58.0417 0x12fc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:49:58.0479 0x12fc  WinRM - ok
13:49:58.0489 0x12fc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:49:58.0510 0x1374  Object send P2P result: true
13:49:58.0510 0x1374  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
13:49:58.0526 0x12fc  WinUsb - ok
13:49:58.0553 0x12fc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:49:58.0597 0x12fc  Wlansvc - ok
13:49:58.0651 0x12fc  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:49:58.0750 0x12fc  wlidsvc - ok
13:49:58.0776 0x12fc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:49:58.0784 0x12fc  WmiAcpi - ok
13:49:58.0815 0x12fc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:49:58.0865 0x12fc  wmiApSrv - ok
13:49:58.0875 0x12fc  WMPNetworkSvc - ok
13:49:58.0905 0x12fc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:49:58.0935 0x12fc  WPCSvc - ok
13:49:58.0965 0x12fc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:49:59.0005 0x12fc  WPDBusEnum - ok
13:49:59.0025 0x12fc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:49:59.0045 0x12fc  ws2ifsl - ok
13:49:59.0055 0x12fc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:49:59.0065 0x12fc  wscsvc - ok
13:49:59.0075 0x12fc  WSearch - ok
13:49:59.0138 0x12fc  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:49:59.0198 0x12fc  wuauserv - ok
13:49:59.0209 0x12fc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:49:59.0219 0x12fc  WudfPf - ok
13:49:59.0228 0x12fc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:49:59.0241 0x12fc  WUDFRd - ok
13:49:59.0248 0x12fc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:49:59.0259 0x12fc  wudfsvc - ok
13:49:59.0269 0x12fc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:49:59.0289 0x12fc  WwanSvc - ok
13:49:59.0289 0x12fc  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
13:49:59.0309 0x12fc  xusb21 - ok
13:49:59.0309 0x12fc  ================ Scan global ===============================
13:49:59.0319 0x12fc  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
13:49:59.0339 0x12fc  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
13:49:59.0379 0x12fc  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
13:49:59.0389 0x12fc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:49:59.0409 0x12fc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:49:59.0438 0x12fc  [ Global ] - ok
13:49:59.0438 0x12fc  ================ Scan MBR ==================================
13:49:59.0441 0x12fc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:49:59.0501 0x12fc  \Device\Harddisk0\DR0 - ok
13:49:59.0501 0x12fc  ================ Scan VBR ==================================
13:49:59.0511 0x12fc  [ C0EC9A950FE4861ECAA06A82E97868A7 ] \Device\Harddisk0\DR0\Partition1
13:49:59.0511 0x12fc  \Device\Harddisk0\DR0\Partition1 - ok
13:49:59.0511 0x12fc  [ 8D56DAEC90BB7EF0FE642186CD6A4C45 ] \Device\Harddisk0\DR0\Partition2
13:49:59.0511 0x12fc  \Device\Harddisk0\DR0\Partition2 - ok
13:49:59.0511 0x12fc  ================ Scan generic autorun ======================
13:49:59.0511 0x12fc  SynTPEnh - ok
13:49:59.0551 0x12fc  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
13:49:59.0581 0x12fc  MSC - ok
13:49:59.0779 0x12fc  [ 0C971FB9C511505E16D5E8A1340FD37E, 46B14D1EE5C9CBCAEFC8B952DCFFEC0F994D8897DDA8F0A53696615EC1149F88 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
13:49:59.0956 0x12fc  Energy Management - ok
13:50:00.0128 0x12fc  [ A0C651367C263C89212B3684977D8FBC, 2269C27E2A5509093733471D794E094EFCEBD8BFA7B0C0615B4C97AB9A0C9DD1 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
13:50:00.0261 0x12fc  EnergyUtility - ok
13:50:00.0287 0x12fc  [ 1A2B569E0D2598CB043DB830DD1468EE, D22C9E3FAAD8EAA11693A30C50FD38C4F264152C3AE29FF9FF00A32BDB051ACC ] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe
13:50:00.0291 0x12fc  picon - ok
13:50:00.0331 0x12fc  [ D83DCBE9F5C247438087D82B774A685E, 5542CACEA72E61D95CA629199F166CDF3214B9FEF700C83B1A8C615571BB0524 ] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe
13:50:00.0367 0x12fc  FingerPrintSoftware - ok
13:50:00.0377 0x12fc  [ B401E52C6E9FDEF1ACF89E43D806F9FA, 69EF697697562A6B280652B538FF3D34AE3AD17A51EB30712F824F238A9F34D5 ] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe
13:50:00.0464 0x12fc  FingerPrintSoftwareSplashScreen - ok
13:50:00.0472 0x12fc  [ 820D1184C0B9C426B71567DF3641DEE3, ABC8F4E1018ACD89F0473634DC38A25D864E577EB0F345E777E015AF02F70F89 ] C:\Windows\system32\igfxtray.exe
13:50:00.0478 0x12fc  IgfxTray - ok
13:50:00.0494 0x12fc  [ 09ED9D98114525A7F6913CDC4B14F5E9, AB0850698A3E3F53B96F3AA81E4981CEE336DC01FC5BB5AB0538F342CCFCE0FA ] C:\Windows\system32\hkcmd.exe
13:50:00.0504 0x12fc  HotKeysCmds - ok
13:50:00.0513 0x12fc  [ 764998FAC5233DA8E2A896799DB1A991, 2B1CA708A253A3F65BDC3B21924058C8A19EDF7255A6975BABF9B26B71FE5330 ] C:\Windows\system32\igfxpers.exe
13:50:00.0523 0x12fc  Persistence - ok
13:50:00.0553 0x12fc  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
13:50:00.0573 0x12fc  XboxStat - ok
13:50:00.0606 0x12fc  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:50:00.0630 0x12fc  Adobe ARM - ok
13:50:00.0644 0x12fc  [ 94B2521BBE8ED7ACED6EB4D697859C2C, 09DD4E8286A6E4A0CB5461C4E33994610879AE767548CFE17379AE83D0DF1F7A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:50:00.0725 0x12fc  StartCCC - ok
13:50:00.0787 0x12fc  [ 0B867A6BAB305C186AD57B6CEA53D981, 226DD3DEA47BA402CBADDC5AD6EE65254599582C9A0BDD1D502D109740B6690B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
13:50:01.0009 0x12fc  Avira SystrayStartTrigger - ok
13:50:01.0029 0x12fc  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
13:50:01.0049 0x12fc  avgnt - ok
13:50:01.0079 0x12fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:50:01.0079 0x1374  Object send P2P result: true
13:50:01.0079 0x1374  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
13:50:01.0146 0x12fc  Sidebar - ok
13:50:01.0153 0x12fc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:50:01.0165 0x12fc  mctadmin - ok
13:50:01.0194 0x12fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:50:01.0214 0x12fc  Sidebar - ok
13:50:01.0226 0x12fc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:50:01.0229 0x12fc  mctadmin - ok
13:50:01.0302 0x12fc  [ FF74D2A2E3A3615A765B5181DB18551D, C38F06705B4E3264ABA10317BF3DE6D022E9B9D5B3016B08121512E84880963C ] C:\00 Patrick\Steam\steam.exe
13:50:01.0366 0x12fc  Steam - ok
13:50:01.0376 0x12fc  Skype - ok
13:50:01.0378 0x12fc  Waiting for KSN requests completion. In queue: 304
13:50:02.0385 0x12fc  Waiting for KSN requests completion. In queue: 304
13:50:03.0385 0x12fc  Waiting for KSN requests completion. In queue: 304
13:50:03.0605 0x1374  Object send P2P result: true
13:50:04.0165 0x03d0  Object required for P2P: [ FF74D2A2E3A3615A765B5181DB18551D ] C:\00 Patrick\Steam\steam.exe
13:50:04.0387 0x12fc  Waiting for KSN requests completion. In queue: 1
13:50:05.0389 0x12fc  Waiting for KSN requests completion. In queue: 1
13:50:06.0389 0x12fc  Waiting for KSN requests completion. In queue: 1
13:50:06.0699 0x03d0  Object send P2P result: true
13:50:07.0499 0x12fc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
13:50:07.0499 0x12fc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
13:50:07.0509 0x12fc  Win FW state via NFP2: enabled ( trusted )
13:50:10.0049 0x12fc  ============================================================
13:50:10.0049 0x12fc  Scan finished
13:50:10.0049 0x12fc  ============================================================
13:50:10.0069 0x02f0  Detected object count: 0
13:50:10.0069 0x02f0  Actual detected object count: 0
13:51:22.0681 0x1200  ============================================================
13:51:22.0681 0x1200  Scan started
13:51:22.0681 0x1200  Mode: Manual; SigCheck; TDLFS; 
13:51:22.0681 0x1200  ============================================================
13:51:22.0681 0x1200  KSN ping started
13:51:28.0045 0x1200  KSN ping finished: true
13:51:28.0500 0x1200  ================ Scan system memory ========================
13:51:28.0500 0x1200  System memory - ok
13:51:28.0500 0x1200  ================ Scan services =============================
         
__________________

Alt 10.02.2016, 14:02   #4
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Code:
ATTFilter
13:51:28.0500 0x1200  ================ Scan services =============================
13:51:28.0547 0x1200  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:51:28.0629 0x1200  1394ohci - ok
13:51:28.0642 0x1200  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:51:28.0668 0x1200  ACPI - ok
13:51:28.0673 0x1200  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:51:28.0709 0x1200  AcpiPmi - ok
13:51:28.0716 0x1200  [ 92E9D1DEBDC9C6C367064EA403C68874, 8666A595BA2FBB4EAC66DE662B15143993A82033BF02C4DA0B8B3D7004286CDB ] ADMonitor       C:\Windows\system32\ADMonitor.exe
13:51:28.0776 0x1200  ADMonitor - detected UnsignedFile.Multi.Generic ( 1 )
13:51:28.0776 0x1200  Detect skipped due to KSN trusted
13:51:28.0776 0x1200  ADMonitor - ok
13:51:28.0783 0x1200  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:51:28.0798 0x1200  AdobeARMservice - ok
13:51:28.0828 0x1200  [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:51:28.0930 0x1200  AdobeFlashPlayerUpdateSvc - ok
13:51:28.0930 0x1200  Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
13:51:31.0441 0x1200  Object send P2P result: true
13:51:31.0461 0x1200  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:51:31.0491 0x1200  adp94xx - ok
13:51:31.0501 0x1200  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:51:31.0531 0x1200  adpahci - ok
13:51:31.0541 0x1200  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:51:31.0551 0x1200  adpu320 - ok
13:51:31.0568 0x1200  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:51:31.0583 0x1200  AeLookupSvc - ok
13:51:31.0603 0x1200  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
13:51:31.0643 0x1200  AFD - ok
13:51:31.0653 0x1200  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:51:31.0673 0x1200  agp440 - ok
13:51:31.0673 0x1200  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:51:31.0703 0x1200  ALG - ok
13:51:31.0703 0x1200  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:51:31.0723 0x1200  aliide - ok
13:51:31.0733 0x1200  [ F23C8B2011900E7D0F1940CA75975B90, D9E9907D8C71BE92D36FF1287F81D3C87CA3F2AC07229D2B53284473ED0B688A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:51:31.0775 0x1200  AMD External Events Utility - ok
13:51:31.0775 0x1200  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:51:31.0795 0x1200  amdide - ok
13:51:31.0795 0x1200  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:51:31.0815 0x1200  AmdK8 - ok
13:51:31.0998 0x1200  [ F9F4A7CC75C3101AD5A66FD035525CC3, 9D13EEA4EB7F3A8E97BC3BF874E6A6FD789CFDE0B6B29B649F86CBE6FAF68EA2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:51:32.0239 0x1200  amdkmdag - ok
13:51:32.0267 0x1200  [ 7FDAAE73445C2C9F8360AB45E22C03BE, 012825F5EC538CCB8A194BA8914D1DBCB283D5125C04B2B065909717CDCCA5BA ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:51:32.0291 0x1200  amdkmdap - ok
13:51:32.0296 0x1200  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:51:32.0313 0x1200  AmdPPM - ok
13:51:32.0319 0x1200  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:51:32.0329 0x1200  amdsata - ok
13:51:32.0339 0x1200  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:51:32.0359 0x1200  amdsbs - ok
13:51:32.0359 0x1200  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:51:32.0379 0x1200  amdxata - ok
13:51:32.0409 0x1200  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
13:51:32.0541 0x1200  AntiVirMailService - ok
13:51:32.0541 0x1200  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
13:51:38.0065 0x1200  Object send P2P result: true
13:51:38.0085 0x1200  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
13:51:38.0105 0x1200  AntiVirSchedulerService - ok
13:51:38.0105 0x1200  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
13:51:40.0615 0x1200  Object send P2P result: true
13:51:40.0635 0x1200  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
13:51:40.0655 0x1200  AntiVirService - ok
13:51:40.0655 0x1200  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
13:51:43.0139 0x1200  Object send P2P result: true
13:51:43.0179 0x1200  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
13:51:43.0311 0x1200  AntiVirWebService - ok
13:51:43.0311 0x1200  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
13:51:49.0187 0x1200  Object send P2P result: true
13:51:49.0197 0x1200  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
13:51:49.0227 0x1200  AppID - ok
13:51:49.0227 0x1200  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:51:49.0247 0x1200  AppIDSvc - ok
13:51:49.0247 0x1200  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
13:51:49.0277 0x1200  Appinfo - ok
13:51:49.0277 0x1200  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:51:49.0297 0x1200  arc - ok
13:51:49.0297 0x1200  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:51:49.0317 0x1200  arcsas - ok
13:51:49.0339 0x1200  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:51:49.0357 0x1200  aspnet_state - ok
13:51:49.0362 0x1200  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:51:49.0430 0x1200  AsyncMac - ok
13:51:49.0435 0x1200  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:51:49.0450 0x1200  atapi - ok
13:51:49.0632 0x1200  [ F9F4A7CC75C3101AD5A66FD035525CC3, 9D13EEA4EB7F3A8E97BC3BF874E6A6FD789CFDE0B6B29B649F86CBE6FAF68EA2 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:51:49.0826 0x1200  atikmdag - ok
13:51:49.0908 0x1200  [ 7FE1E7697D611E3638E237543D51B56A, 0F43CFF95EF4DC54E4E5BD78A9A8A06507490C28C465E51ED764F6C746122469 ] ATService       C:\Windows\system32\ATService.exe
13:51:49.0988 0x1200  ATService - ok
13:51:50.0017 0x1200  [ 599FDE158B87EB33538FB0CEA1A5813F, F1470CD94A778CCCFC3FC89AA3D0F9FF62BD151A8E94C1EE1102ECE76729B008 ] ATSwpWDF        C:\Windows\system32\Drivers\ATSwpWDF.sys
13:51:50.0098 0x1200  ATSwpWDF - ok
13:51:50.0119 0x1200  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:51:50.0165 0x1200  AudioEndpointBuilder - ok
13:51:50.0185 0x1200  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:51:50.0217 0x1200  AudioSrv - ok
13:51:50.0219 0x1200  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:51:50.0272 0x1200  avgntflt - ok
13:51:50.0280 0x1200  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:51:50.0327 0x1200  avipbb - ok
13:51:50.0338 0x1200  [ DFF7C7E8DB2A8F520BF0550AAD17FF99, 350E4E41E3932B155C93A061B7209645969FD6EE597CF5BBF4BBF7AB0EBBB7FD ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:51:50.0360 0x1200  Avira.ServiceHost - ok
13:51:50.0361 0x1200  Object required for P2P: [ DFF7C7E8DB2A8F520BF0550AAD17FF99 ] Avira.ServiceHost
13:51:56.0167 0x1200  Object send P2P result: true
13:51:56.0177 0x1200  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:51:56.0187 0x1200  avkmgr - ok
13:51:56.0197 0x1200  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
13:51:56.0227 0x1200  avnetflt - ok
13:51:56.0237 0x1200  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:51:56.0267 0x1200  AxInstSV - ok
13:51:56.0287 0x1200  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:51:56.0317 0x1200  b06bdrv - ok
13:51:56.0327 0x1200  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:51:56.0347 0x1200  b57nd60a - ok
13:51:56.0357 0x1200  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:51:56.0387 0x1200  BDESVC - ok
13:51:56.0387 0x1200  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:51:56.0427 0x1200  Beep - ok
13:51:56.0447 0x1200  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:51:56.0486 0x1200  BFE - ok
13:51:56.0514 0x1200  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:51:56.0599 0x1200  BITS - ok
13:51:56.0609 0x1200  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:51:56.0619 0x1200  blbdrive - ok
13:51:56.0629 0x1200  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:51:56.0649 0x1200  bowser - ok
13:51:56.0659 0x1200  BRDriver64_1_3_3_E02B25FC - ok
13:51:56.0659 0x1200  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:51:56.0679 0x1200  BrFiltLo - ok
13:51:56.0679 0x1200  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:51:56.0699 0x1200  BrFiltUp - ok
13:51:56.0709 0x1200  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:51:56.0729 0x1200  Browser - ok
13:51:56.0739 0x1200  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:51:56.0769 0x1200  Brserid - ok
13:51:56.0779 0x1200  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:51:56.0799 0x1200  BrSerWdm - ok
13:51:56.0799 0x1200  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:51:56.0819 0x1200  BrUsbMdm - ok
13:51:56.0829 0x1200  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:51:56.0839 0x1200  BrUsbSer - ok
13:51:56.0849 0x1200  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
13:51:56.0869 0x1200  BthEnum - ok
13:51:56.0869 0x1200  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:51:56.0889 0x1200  BTHMODEM - ok
13:51:56.0899 0x1200  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:51:56.0919 0x1200  BthPan - ok
13:51:56.0939 0x1200  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:51:56.0970 0x1200  BTHPORT - ok
13:51:56.0977 0x1200  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:51:57.0011 0x1200  bthserv - ok
13:51:57.0011 0x1200  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:51:57.0037 0x1200  BTHUSB - ok
13:51:57.0044 0x1200  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:51:57.0073 0x1200  cdfs - ok
13:51:57.0083 0x1200  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:51:57.0115 0x1200  cdrom - ok
13:51:57.0115 0x1200  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:51:57.0155 0x1200  CertPropSvc - ok
13:51:57.0165 0x1200  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:51:57.0184 0x1200  circlass - ok
13:51:57.0197 0x1200  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
13:51:57.0217 0x1200  CLFS - ok
13:51:57.0227 0x1200  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:51:57.0237 0x1200  clr_optimization_v2.0.50727_32 - ok
13:51:57.0247 0x1200  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:51:57.0267 0x1200  clr_optimization_v2.0.50727_64 - ok
13:51:57.0287 0x1200  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:51:57.0307 0x1200  clr_optimization_v4.0.30319_32 - ok
13:51:57.0307 0x1200  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:51:57.0327 0x1200  clr_optimization_v4.0.30319_64 - ok
13:51:57.0340 0x1200  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:51:57.0356 0x1200  CmBatt - ok
13:51:57.0361 0x1200  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:51:57.0376 0x1200  cmdide - ok
13:51:57.0390 0x1200  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:51:57.0419 0x1200  CNG - ok
13:51:57.0419 0x1200  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:51:57.0442 0x1200  Compbatt - ok
13:51:57.0447 0x1200  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:51:57.0461 0x1200  CompositeBus - ok
13:51:57.0461 0x1200  COMSysApp - ok
13:51:57.0471 0x1200  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:51:57.0481 0x1200  crcdisk - ok
13:51:57.0491 0x1200  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:51:57.0532 0x1200  CryptSvc - ok
13:51:57.0538 0x1200  DAUpdaterSvc - ok
13:51:57.0545 0x1200  [ 881D881EA7B54BA294F01FD028F034BD, F79569D463C98374DEE491D0C6FD1D916E27CFB8B0529113B8229C9751DDBDD8 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
13:51:57.0566 0x1200  dc3d - ok
13:51:57.0583 0x1200  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:51:57.0634 0x1200  DcomLaunch - ok
13:51:57.0647 0x1200  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:51:57.0697 0x1200  defragsvc - ok
13:51:57.0705 0x1200  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:51:57.0744 0x1200  DfsC - ok
13:51:57.0757 0x1200  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:51:57.0800 0x1200  Dhcp - ok
13:51:57.0836 0x1200  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:51:57.0896 0x1200  DiagTrack - ok
13:51:57.0904 0x1200  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:51:57.0944 0x1200  discache - ok
13:51:57.0950 0x1200  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:51:57.0966 0x1200  Disk - ok
13:51:57.0976 0x1200  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:51:58.0006 0x1200  Dnscache - ok
13:51:58.0017 0x1200  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:51:58.0066 0x1200  dot3svc - ok
13:51:58.0075 0x1200  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:51:58.0113 0x1200  DPS - ok
13:51:58.0113 0x1200  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:51:58.0141 0x1200  drmkaud - ok
13:51:58.0148 0x1200  [ 369E422B4BB5641718D212F713E646D0, 72D0A3692FCE903A08ADB3F7D619D67ED063539131C39C63CAE250E0D2D4307B ] dtsvc           C:\Windows\system32\DTS.exe
13:51:58.0155 0x1200  dtsvc - detected UnsignedFile.Multi.Generic ( 1 )
13:51:58.0155 0x1200  Detect skipped due to KSN trusted
13:51:58.0155 0x1200  dtsvc - ok
13:51:58.0175 0x1200  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:51:58.0215 0x1200  DXGKrnl - ok
13:51:58.0235 0x1200  [ D608110ADB132E683360FCA0F6B2BB53, 99CD78973BB16B2CD37F5AA451876DB06E9DC1757F7B6BBA51241936C6E85EFE ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
13:51:58.0255 0x1200  e1yexpress - ok
13:51:58.0262 0x1200  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:51:58.0297 0x1200  EapHost - ok
13:51:58.0379 0x1200  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:51:58.0479 0x1200  ebdrv - ok
13:51:58.0491 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS             C:\Windows\System32\lsass.exe
13:51:58.0511 0x1200  EFS - ok
13:51:58.0531 0x1200  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:51:58.0571 0x1200  ehRecvr - ok
13:51:58.0581 0x1200  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:51:58.0591 0x1200  ehSched - ok
13:51:58.0611 0x1200  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:51:58.0641 0x1200  elxstor - ok
13:51:58.0641 0x1200  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:51:58.0664 0x1200  ErrDev - ok
13:51:58.0680 0x1200  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:51:58.0723 0x1200  EventSystem - ok
13:51:58.0733 0x1200  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:51:58.0777 0x1200  exfat - ok
13:51:58.0786 0x1200  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:51:58.0825 0x1200  fastfat - ok
13:51:58.0846 0x1200  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:51:58.0883 0x1200  Fax - ok
13:51:58.0889 0x1200  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:51:58.0906 0x1200  fdc - ok
13:51:58.0910 0x1200  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:51:58.0937 0x1200  fdPHost - ok
13:51:58.0947 0x1200  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:51:58.0987 0x1200  FDResPub - ok
13:51:58.0987 0x1200  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:51:59.0008 0x1200  FileInfo - ok
13:51:59.0013 0x1200  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:51:59.0049 0x1200  Filetrace - ok
13:51:59.0049 0x1200  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:51:59.0071 0x1200  flpydisk - ok
13:51:59.0084 0x1200  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:51:59.0101 0x1200  FltMgr - ok
13:51:59.0136 0x1200  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
13:51:59.0183 0x1200  FontCache - ok
13:51:59.0193 0x1200  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:51:59.0203 0x1200  FontCache3.0.0.0 - ok
13:51:59.0203 0x1200  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:51:59.0227 0x1200  FsDepends - ok
13:51:59.0232 0x1200  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:51:59.0245 0x1200  Fs_Rec - ok
13:51:59.0255 0x1200  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:51:59.0275 0x1200  fvevol - ok
13:51:59.0275 0x1200  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:51:59.0295 0x1200  gagp30kx - ok
13:51:59.0315 0x1200  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:51:59.0375 0x1200  gpsvc - ok
13:51:59.0382 0x1200  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:51:59.0405 0x1200  hcw85cir - ok
13:51:59.0417 0x1200  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:51:59.0448 0x1200  HdAudAddService - ok
13:51:59.0458 0x1200  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:51:59.0478 0x1200  HDAudBus - ok
13:51:59.0488 0x1200  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:51:59.0498 0x1200  HidBatt - ok
13:51:59.0508 0x1200  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:51:59.0528 0x1200  HidBth - ok
13:51:59.0528 0x1200  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:51:59.0548 0x1200  HidIr - ok
13:51:59.0558 0x1200  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:51:59.0588 0x1200  hidserv - ok
13:51:59.0598 0x1200  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:51:59.0630 0x1200  HidUsb - ok
13:51:59.0630 0x1200  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:51:59.0670 0x1200  hkmsvc - ok
13:51:59.0680 0x1200  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:51:59.0711 0x1200  HomeGroupListener - ok
13:51:59.0712 0x1200  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:51:59.0732 0x1200  HomeGroupProvider - ok
13:51:59.0742 0x1200  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:51:59.0752 0x1200  HpSAMD - ok
13:51:59.0782 0x1200  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:51:59.0822 0x1200  HTTP - ok
13:51:59.0822 0x1200  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:51:59.0842 0x1200  hwpolicy - ok
13:51:59.0842 0x1200  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:51:59.0867 0x1200  i8042prt - ok
13:51:59.0883 0x1200  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:51:59.0904 0x1200  iaStorV - ok
13:51:59.0914 0x1200  [ 99B71816BA253098E8374E641CB2F886, E65CAD462722DF165FC51EA27617445D4B6E2F59B0A1454F9DF2EFD841EF130A ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
13:51:59.0944 0x1200  IBMPMDRV - ok
13:51:59.0951 0x1200  [ 833139BADAEEA68515DD877BC800C1DF, 581B1823185391978D417C4607BF7EF2A09A0622C2FC677A5183040C76636434 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
13:51:59.0966 0x1200  IBMPMSVC - ok
13:51:59.0986 0x1200  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:52:00.0016 0x1200  idsvc - ok
13:52:00.0026 0x1200  IEEtwCollectorService - ok
13:52:00.0281 0x1200  [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:52:00.0585 0x1200  igfx - ok
13:52:00.0614 0x1200  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:52:00.0630 0x1200  iirsp - ok
13:52:00.0653 0x1200  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:52:00.0697 0x1200  IKEEXT - ok
13:52:00.0706 0x1200  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:52:00.0720 0x1200  intelide - ok
13:52:00.0961 0x1200  [ 4EAA4261E1AD4B860657CADA790B9B38, BC4D7F207F1A7D67371169545D2C68D696EF69DF4C740F74D6ABFBE4B5CA48A6 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
13:52:01.0262 0x1200  intelkmd - ok
13:52:01.0292 0x1200  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:52:01.0319 0x1200  intelppm - ok
13:52:01.0327 0x1200  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:52:01.0372 0x1200  IPBusEnum - ok
13:52:01.0378 0x1200  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:52:01.0417 0x1200  IpFilterDriver - ok
13:52:01.0434 0x1200  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:52:01.0476 0x1200  iphlpsvc - ok
13:52:01.0483 0x1200  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:52:01.0506 0x1200  IPMIDRV - ok
13:52:01.0515 0x1200  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:52:01.0558 0x1200  IPNAT - ok
13:52:01.0562 0x1200  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:52:01.0587 0x1200  IRENUM - ok
13:52:01.0592 0x1200  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:52:01.0606 0x1200  isapnp - ok
13:52:01.0617 0x1200  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:52:01.0640 0x1200  iScsiPrt - ok
13:52:01.0645 0x1200  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:52:01.0662 0x1200  kbdclass - ok
13:52:01.0666 0x1200  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:52:01.0697 0x1200  kbdhid - ok
13:52:01.0702 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] KeyIso          C:\Windows\system32\lsass.exe
13:52:01.0722 0x1200  KeyIso - ok
13:52:01.0728 0x1200  [ 0F776895884B8DC430A307D57FD867BB, F9E8C8A04D757CEAD86938BEEFFAD9750589037E16FB1A2B0A90E4484E1A6B65 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:52:01.0744 0x1200  KSecDD - ok
13:52:01.0751 0x1200  [ 28E75F316CCCD79337E4957C53017D4B, 3BABDA50B4CE72F7F9A0FD7A33DDB19463A01F188D46354E0B411FC0389C01BE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:52:01.0769 0x1200  KSecPkg - ok
13:52:01.0773 0x1200  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:52:01.0813 0x1200  ksthunk - ok
13:52:01.0826 0x1200  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:52:01.0874 0x1200  KtmRm - ok
13:52:01.0885 0x1200  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:52:01.0934 0x1200  LanmanServer - ok
13:52:01.0940 0x1200  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:52:01.0982 0x1200  LanmanWorkstation - ok
13:52:01.0989 0x1200  [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys
13:52:02.0001 0x1200  lenovo.smi - ok
13:52:02.0008 0x1200  [ 606DA892A53FA863B67F8D3F8FF016A0, FB026285C07C8A77C1702698E40C2EA694B054C35C62E45C9A5C498BC94BAD49 ] LenovoRd        C:\Windows\system32\Drivers\LenovoRd.sys
13:52:02.0032 0x1200  LenovoRd - ok
13:52:02.0037 0x1200  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX64.sys
13:52:02.0052 0x1200  LHDmgr - ok
13:52:02.0058 0x1200  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:52:02.0099 0x1200  lltdio - ok
13:52:02.0110 0x1200  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:52:02.0160 0x1200  lltdsvc - ok
13:52:02.0165 0x1200  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:52:02.0209 0x1200  lmhosts - ok
13:52:02.0216 0x1200  [ 7F697D6EB3E47FBC7757229DAEE406B4, 9F2C5ED88ACFB16FD5D2B9372A17D322BD816A57C00FB0BD0835A27A25616F94 ] LMS             C:\Program Files (x86)\Intel\AMT\LMS.exe
13:52:02.0232 0x1200  LMS - ok
13:52:02.0241 0x1200  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:52:02.0257 0x1200  LSI_FC - ok
13:52:02.0264 0x1200  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:52:02.0282 0x1200  LSI_SAS - ok
13:52:02.0288 0x1200  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:52:02.0305 0x1200  LSI_SAS2 - ok
13:52:02.0311 0x1200  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:52:02.0329 0x1200  LSI_SCSI - ok
13:52:02.0336 0x1200  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:52:02.0378 0x1200  luafv - ok
13:52:02.0384 0x1200  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:52:02.0409 0x1200  Mcx2Svc - ok
13:52:02.0413 0x1200  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:52:02.0428 0x1200  megasas - ok
13:52:02.0439 0x1200  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:52:02.0460 0x1200  MegaSR - ok
13:52:02.0465 0x1200  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:52:02.0508 0x1200  MMCSS - ok
13:52:02.0513 0x1200  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:52:02.0553 0x1200  Modem - ok
13:52:02.0558 0x1200  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:52:02.0582 0x1200  monitor - ok
13:52:02.0587 0x1200  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:52:02.0603 0x1200  mouclass - ok
13:52:02.0608 0x1200  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:52:02.0643 0x1200  mouhid - ok
13:52:02.0649 0x1200  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:52:02.0666 0x1200  mountmgr - ok
13:52:02.0673 0x1200  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:52:02.0736 0x1200  MozillaMaintenance - ok
13:52:02.0748 0x1200  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
13:52:02.0773 0x1200  MpFilter - ok
13:52:02.0781 0x1200  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:52:02.0800 0x1200  mpio - ok
13:52:02.0806 0x1200  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:52:02.0848 0x1200  mpsdrv - ok
13:52:02.0862 0x1200  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:52:02.0928 0x1200  MpsSvc - ok
13:52:02.0938 0x1200  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:52:02.0965 0x1200  MRxDAV - ok
13:52:02.0974 0x1200  [ 32B85C4923D895B2FB35821A799BA38D, 7A7E5D08F745DB9B498B4BE946325FF7DAA7FA27589D9423FCA4558D20780026 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:52:03.0014 0x1200  mrxsmb - ok
13:52:03.0024 0x1200  [ A572BEF41F3C55D7DAF24D2340C91FEC, 1E51EEFEABCDCB664CD39437C2275B160860FB433EAA8DC905D5BC742FD03529 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:52:03.0082 0x1200  mrxsmb10 - ok
13:52:03.0089 0x1200  [ C49F1C4CA74FC52AFB2E892D8E50EA39, 9E7A2453627A82AFF4CE3F285AFF105C3F92F423C07E5C43E76BEC523841B8F7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:52:03.0124 0x1200  mrxsmb20 - ok
13:52:03.0128 0x1200  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:52:03.0144 0x1200  msahci - ok
13:52:03.0151 0x1200  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:52:03.0171 0x1200  msdsm - ok
13:52:03.0178 0x1200  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:52:03.0207 0x1200  MSDTC - ok
13:52:03.0215 0x1200  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:52:03.0259 0x1200  Msfs - ok
13:52:03.0263 0x1200  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:52:03.0299 0x1200  mshidkmdf - ok
13:52:03.0306 0x1200  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:52:03.0321 0x1200  msisadrv - ok
13:52:03.0329 0x1200  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:52:03.0366 0x1200  MSiSCSI - ok
13:52:03.0376 0x1200  msiserver - ok
13:52:03.0376 0x1200  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:52:03.0419 0x1200  MSKSSRV - ok
13:52:03.0424 0x1200  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:52:03.0440 0x1200  MsMpSvc - ok
13:52:03.0444 0x1200  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:52:03.0481 0x1200  MSPCLOCK - ok
13:52:03.0485 0x1200  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:52:03.0522 0x1200  MSPQM - ok
13:52:03.0534 0x1200  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:52:03.0558 0x1200  MsRPC - ok
13:52:03.0558 0x1200  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:52:03.0578 0x1200  mssmbios - ok
13:52:03.0578 0x1200  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:52:03.0618 0x1200  MSTEE - ok
13:52:03.0618 0x1200  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:52:03.0643 0x1200  MTConfig - ok
13:52:03.0648 0x1200  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:52:03.0660 0x1200  Mup - ok
13:52:03.0670 0x1200  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:52:03.0720 0x1200  napagent - ok
13:52:03.0740 0x1200  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:52:03.0762 0x1200  NativeWifiP - ok
13:52:03.0782 0x1200  [ 6D8FCDD5BB3B676EF58FA234073492C6, 07A69DD00E45C59CBB6FABFBD62FE897655970BE2D09997CF29D20241ED9AF13 ] NBService       C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
13:52:03.0822 0x1200  NBService - ok
13:52:03.0851 0x1200  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:52:03.0884 0x1200  NDIS - ok
13:52:03.0894 0x1200  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:52:03.0939 0x1200  NdisCap - ok
13:52:03.0943 0x1200  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:52:03.0980 0x1200  NdisTapi - ok
13:52:03.0985 0x1200  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:52:04.0021 0x1200  Ndisuio - ok
13:52:04.0029 0x1200  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:52:04.0066 0x1200  NdisWan - ok
13:52:04.0066 0x1200  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:52:04.0110 0x1200  NDProxy - ok
13:52:04.0115 0x1200  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:52:04.0152 0x1200  NetBIOS - ok
13:52:04.0161 0x1200  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:52:04.0198 0x1200  NetBT - ok
13:52:04.0198 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] Netlogon        C:\Windows\system32\lsass.exe
13:52:04.0222 0x1200  Netlogon - ok
13:52:04.0234 0x1200  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:52:04.0270 0x1200  Netman - ok
13:52:04.0280 0x1200  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:04.0306 0x1200  NetMsmqActivator - ok
13:52:04.0313 0x1200  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:04.0331 0x1200  NetPipeActivator - ok
13:52:04.0346 0x1200  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:52:04.0392 0x1200  netprofm - ok
13:52:04.0392 0x1200  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:04.0419 0x1200  NetTcpActivator - ok
13:52:04.0426 0x1200  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:04.0444 0x1200  NetTcpPortSharing - ok
13:52:04.0602 0x1200  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
13:52:04.0808 0x1200  NETw5s64 - ok
13:52:04.0950 0x1200  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
13:52:05.0134 0x1200  netw5v64 - ok
13:52:05.0144 0x1200  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:52:05.0164 0x1200  nfrd960 - ok
13:52:05.0174 0x1200  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:52:05.0193 0x1200  NisDrv - ok
13:52:05.0205 0x1200  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:52:05.0226 0x1200  NisSrv - ok
13:52:05.0236 0x1200  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:52:05.0274 0x1200  NlaSvc - ok
13:52:05.0287 0x1200  [ E584D6668E6A3923FF32E026A5ED2A03, 5DB5BE3410989AD92B2B4F48C363659D93E808A81411CE0DFA28098D2EA19DE3 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
13:52:05.0298 0x1200  NMIndexingService - ok
13:52:05.0308 0x1200  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:52:05.0348 0x1200  Npfs - ok
13:52:05.0348 0x1200  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:52:05.0390 0x1200  nsi - ok
13:52:05.0395 0x1200  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:52:05.0432 0x1200  nsiproxy - ok
13:52:05.0470 0x1200  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:52:05.0532 0x1200  Ntfs - ok
13:52:05.0539 0x1200  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:52:05.0578 0x1200  Null - ok
13:52:05.0586 0x1200  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:52:05.0603 0x1200  nvraid - ok
13:52:05.0612 0x1200  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:52:05.0629 0x1200  nvstor - ok
13:52:05.0636 0x1200  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:52:05.0653 0x1200  nv_agp - ok
13:52:05.0659 0x1200  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:52:05.0676 0x1200  ohci1394 - ok
13:52:05.0682 0x1200  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:52:05.0712 0x1200  p2pimsvc - ok
13:52:05.0732 0x1200  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:52:05.0752 0x1200  p2psvc - ok
13:52:05.0762 0x1200  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
13:52:05.0782 0x1200  Parport - ok
13:52:05.0792 0x1200  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:52:05.0802 0x1200  partmgr - ok
13:52:05.0812 0x1200  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:52:05.0842 0x1200  PcaSvc - ok
13:52:05.0852 0x1200  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:52:05.0862 0x1200  pci - ok
13:52:05.0876 0x1200  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:52:05.0890 0x1200  pciide - ok
13:52:05.0899 0x1200  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:52:05.0920 0x1200  pcmcia - ok
13:52:05.0925 0x1200  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:52:05.0941 0x1200  pcw - ok
13:52:05.0961 0x1200  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:52:05.0999 0x1200  PEAUTH - ok
13:52:06.0027 0x1200  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:52:06.0054 0x1200  PerfHost - ok
13:52:06.0094 0x1200  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:52:06.0166 0x1200  pla - ok
13:52:06.0189 0x1200  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:52:06.0218 0x1200  PlugPlay - ok
13:52:06.0218 0x1200  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:52:06.0238 0x1200  PNRPAutoReg - ok
13:52:06.0248 0x1200  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:52:06.0268 0x1200  PNRPsvc - ok
13:52:06.0288 0x1200  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:52:06.0338 0x1200  PolicyAgent - ok
13:52:06.0348 0x1200  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:52:06.0394 0x1200  Power - ok
13:52:06.0402 0x1200  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:52:06.0430 0x1200  PptpMiniport - ok
13:52:06.0440 0x1200  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
13:52:06.0460 0x1200  Processor - ok
13:52:06.0470 0x1200  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:52:06.0492 0x1200  ProfSvc - ok
13:52:06.0492 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe
13:52:06.0512 0x1200  ProtectedStorage - ok
13:52:06.0512 0x1200  [ C2C5F5D150605FD14FA2ABDE88DB2020, 1AE35D1FB3C48EC725013F840F7FEC09D2511D9FAE0D6902CF5BF52447A18857 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
13:52:06.0532 0x1200  psadd - ok
13:52:06.0532 0x1200  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:52:06.0572 0x1200  Psched - ok
13:52:06.0615 0x1200  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:52:06.0664 0x1200  ql2300 - ok
13:52:06.0681 0x1200  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:52:06.0696 0x1200  ql40xx - ok
13:52:06.0706 0x1200  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:52:06.0726 0x1200  QWAVE - ok
13:52:06.0736 0x1200  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:52:06.0756 0x1200  QWAVEdrv - ok
13:52:06.0756 0x1200  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:52:06.0796 0x1200  RasAcd - ok
13:52:06.0806 0x1200  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:52:06.0847 0x1200  RasAgileVpn - ok
13:52:06.0853 0x1200  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:52:06.0888 0x1200  RasAuto - ok
13:52:06.0898 0x1200  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:52:06.0936 0x1200  Rasl2tp - ok
13:52:06.0948 0x1200  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:52:06.0990 0x1200  RasMan - ok
13:52:06.0990 0x1200  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:52:07.0036 0x1200  RasPppoe - ok
13:52:07.0042 0x1200  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:52:07.0072 0x1200  RasSstp - ok
13:52:07.0082 0x1200  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:52:07.0124 0x1200  rdbss - ok
13:52:07.0134 0x1200  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:52:07.0154 0x1200  rdpbus - ok
13:52:07.0154 0x1200  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:52:07.0194 0x1200  RDPCDD - ok
13:52:07.0194 0x1200  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:52:07.0237 0x1200  RDPENCDD - ok
13:52:07.0242 0x1200  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:52:07.0276 0x1200  RDPREFMP - ok
13:52:07.0286 0x1200  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:52:07.0308 0x1200  RdpVideoMiniport - ok
13:52:07.0318 0x1200  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:52:07.0338 0x1200  RDPWD - ok
13:52:07.0348 0x1200  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:52:07.0368 0x1200  rdyboost - ok
13:52:07.0368 0x1200  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:52:07.0416 0x1200  RemoteAccess - ok
13:52:07.0424 0x1200  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:52:07.0466 0x1200  RemoteRegistry - ok
13:52:07.0474 0x1200  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:52:07.0496 0x1200  RFCOMM - ok
13:52:07.0503 0x1200  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:52:07.0540 0x1200  RpcEptMapper - ok
13:52:07.0544 0x1200  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:52:07.0562 0x1200  RpcLocator - ok
13:52:07.0570 0x1200  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:52:07.0620 0x1200  RpcSs - ok
13:52:07.0630 0x1200  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:52:07.0668 0x1200  rspndr - ok
13:52:07.0673 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs           C:\Windows\system32\lsass.exe
13:52:07.0690 0x1200  SamSs - ok
13:52:07.0696 0x1200  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:52:07.0712 0x1200  sbp2port - ok
13:52:07.0722 0x1200  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:52:07.0762 0x1200  SCardSvr - ok
13:52:07.0767 0x1200  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:52:07.0802 0x1200  scfilter - ok
13:52:07.0830 0x1200  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
13:52:07.0874 0x1200  Schedule - ok
13:52:07.0888 0x1200  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:52:07.0929 0x1200  SCPolicySvc - ok
13:52:07.0938 0x1200  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:52:07.0972 0x1200  SDRSVC - ok
13:52:07.0978 0x1200  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:52:08.0003 0x1200  secdrv - ok
13:52:08.0006 0x1200  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:52:08.0046 0x1200  seclogon - ok
13:52:08.0051 0x1200  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:52:08.0088 0x1200  SENS - ok
13:52:08.0088 0x1200  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:52:08.0121 0x1200  SensrSvc - ok
13:52:08.0126 0x1200  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:52:08.0146 0x1200  Serenum - ok
13:52:08.0152 0x1200  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:52:08.0176 0x1200  Serial - ok
13:52:08.0181 0x1200  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:52:08.0203 0x1200  sermouse - ok
13:52:08.0210 0x1200  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:52:08.0250 0x1200  SessionEnv - ok
13:52:08.0250 0x1200  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:52:08.0275 0x1200  sffdisk - ok
13:52:08.0279 0x1200  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:52:08.0292 0x1200  sffp_mmc - ok
13:52:08.0302 0x1200  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:52:08.0322 0x1200  sffp_sd - ok
13:52:08.0322 0x1200  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:52:08.0342 0x1200  sfloppy - ok
13:52:08.0359 0x1200  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:52:08.0394 0x1200  SharedAccess - ok
13:52:08.0414 0x1200  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:52:08.0461 0x1200  ShellHWDetection - ok
13:52:08.0467 0x1200  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:52:08.0482 0x1200  SiSRaid2 - ok
13:52:08.0488 0x1200  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:52:08.0503 0x1200  SiSRaid4 - ok
13:52:08.0514 0x1200  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:52:08.0536 0x1200  SkypeUpdate - ok
13:52:08.0536 0x1200  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:52:08.0576 0x1200  Smb - ok
13:52:08.0586 0x1200  [ 7956FD22F1AC83057630975D2B9AA452, ACBA47559D97B1B3FBDD7D9C7F13918EA00D63D9194642692E89E05B2D304BDE ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
13:52:08.0619 0x1200  SmbDrvI - ok
13:52:08.0627 0x1200  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:52:08.0645 0x1200  SNMPTRAP - ok
13:52:08.0648 0x1200  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:52:08.0658 0x1200  spldr - ok
13:52:08.0678 0x1200  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:52:08.0708 0x1200  Spooler - ok
13:52:08.0798 0x1200  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:52:08.0932 0x1200  sppsvc - ok
13:52:08.0946 0x1200  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:52:08.0984 0x1200  sppuinotify - ok
13:52:08.0999 0x1200  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:52:09.0022 0x1200  srv - ok
13:52:09.0042 0x1200  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:52:09.0072 0x1200  srv2 - ok
13:52:09.0082 0x1200  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:52:09.0102 0x1200  SrvHsfHDA - ok
13:52:09.0142 0x1200  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:52:09.0200 0x1200  SrvHsfV92 - ok
13:52:09.0223 0x1200  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:52:09.0257 0x1200  SrvHsfWinac - ok
13:52:09.0264 0x1200  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:52:09.0284 0x1200  srvnet - ok
13:52:09.0294 0x1200  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:52:09.0334 0x1200  SSDPSRV - ok
13:52:09.0344 0x1200  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:52:09.0382 0x1200  SstpSvc - ok
13:52:09.0403 0x1200  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:52:09.0434 0x1200  Steam Client Service - ok
13:52:09.0441 0x1200  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:52:09.0456 0x1200  stexstor - ok
13:52:09.0474 0x1200  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
13:52:09.0509 0x1200  stisvc - ok
13:52:09.0514 0x1200  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:52:09.0528 0x1200  swenum - ok
13:52:09.0544 0x1200  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:52:09.0593 0x1200  swprv - ok
13:52:09.0606 0x1200  [ AFB9FC97DAC435B588EACD63C3174DAA, FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:52:09.0646 0x1200  SynTP - ok
13:52:09.0696 0x1200  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
13:52:09.0762 0x1200  SysMain - ok
13:52:09.0768 0x1200  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:52:09.0788 0x1200  TabletInputService - ok
13:52:09.0798 0x1200  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:52:09.0848 0x1200  TapiSrv - ok
13:52:09.0848 0x1200  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:52:09.0894 0x1200  TBS - ok
13:52:09.0940 0x1200  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:52:10.0001 0x1200  Tcpip - ok
13:52:10.0052 0x1200  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:52:10.0107 0x1200  TCPIP6 - ok
13:52:10.0118 0x1200  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:52:10.0135 0x1200  tcpipreg - ok
13:52:10.0141 0x1200  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:52:10.0162 0x1200  TDPIPE - ok
13:52:10.0164 0x1200  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:52:10.0184 0x1200  TDTCP - ok
13:52:10.0184 0x1200  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:52:10.0214 0x1200  tdx - ok
13:52:10.0224 0x1200  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:52:10.0234 0x1200  TermDD - ok
13:52:10.0254 0x1200  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
13:52:10.0294 0x1200  TermService - ok
13:52:10.0304 0x1200  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:52:10.0354 0x1200  Themes - ok
13:52:10.0364 0x1200  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:52:10.0394 0x1200  THREADORDER - ok
13:52:10.0404 0x1200  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
13:52:10.0422 0x1200  TPM - ok
13:52:10.0429 0x1200  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:52:10.0466 0x1200  TrkWks - ok
13:52:10.0476 0x1200  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:52:10.0515 0x1200  TrustedInstaller - ok
13:52:10.0522 0x1200  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:52:10.0538 0x1200  tssecsrv - ok
13:52:10.0548 0x1200  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:52:10.0568 0x1200  TsUsbFlt - ok
13:52:10.0568 0x1200  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:52:10.0588 0x1200  TsUsbGD - ok
13:52:10.0598 0x1200  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:52:10.0628 0x1200  tunnel - ok
13:52:10.0638 0x1200  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:52:10.0659 0x1200  uagp35 - ok
13:52:10.0670 0x1200  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:52:10.0710 0x1200  udfs - ok
13:52:10.0720 0x1200  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:52:10.0743 0x1200  UI0Detect - ok
13:52:10.0748 0x1200  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:52:10.0762 0x1200  uliagpkx - ok
13:52:10.0762 0x1200  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:52:10.0782 0x1200  umbus - ok
13:52:10.0782 0x1200  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:52:10.0802 0x1200  UmPass - ok
13:52:10.0855 0x1200  [ 86DEAC5CED845D55C63B125E0908685E, E9AC1AFFEEB657F16E3F2115C53B919FD43C917B1EDE97AFA0E18C02A8ACB2DD ] UNS             C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
13:52:10.0917 0x1200  UNS - ok
13:52:10.0936 0x1200  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:52:10.0976 0x1200  upnphost - ok
13:52:10.0986 0x1200  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:52:11.0011 0x1200  usbaudio - ok
13:52:11.0017 0x1200  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:52:11.0048 0x1200  usbccgp - ok
13:52:11.0048 0x1200  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:52:11.0068 0x1200  usbcir - ok
13:52:11.0078 0x1200  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:52:11.0098 0x1200  usbehci - ok
13:52:11.0114 0x1200  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:52:11.0130 0x1200  usbhub - ok
13:52:11.0140 0x1200  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:52:11.0150 0x1200  usbohci - ok
13:52:11.0160 0x1200  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:52:11.0180 0x1200  usbprint - ok
13:52:11.0180 0x1200  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:52:11.0221 0x1200  USBSTOR - ok
13:52:11.0226 0x1200  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:52:11.0242 0x1200  usbuhci - ok
13:52:11.0242 0x1200  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:52:11.0262 0x1200  usbvideo - ok
13:52:11.0272 0x1200  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:52:11.0313 0x1200  UxSms - ok
13:52:11.0319 0x1200  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] VaultSvc        C:\Windows\system32\lsass.exe
13:52:11.0334 0x1200  VaultSvc - ok
13:52:11.0339 0x1200  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:52:11.0344 0x1200  vdrvroot - ok
13:52:11.0364 0x1200  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
13:52:11.0414 0x1200  vds - ok
13:52:11.0424 0x1200  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:52:11.0443 0x1200  vga - ok
13:52:11.0447 0x1200  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:52:11.0476 0x1200  VgaSave - ok
13:52:11.0486 0x1200  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:52:11.0513 0x1200  vhdmp - ok
13:52:11.0518 0x1200  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:52:11.0533 0x1200  viaide - ok
13:52:11.0539 0x1200  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:52:11.0556 0x1200  volmgr - ok
13:52:11.0569 0x1200  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:52:11.0591 0x1200  volmgrx - ok
13:52:11.0603 0x1200  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:52:11.0623 0x1200  volsnap - ok
13:52:11.0632 0x1200  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:52:11.0649 0x1200  vsmraid - ok
13:52:11.0691 0x1200  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
13:52:11.0767 0x1200  VSS - ok
13:52:11.0776 0x1200  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:52:11.0795 0x1200  vwifibus - ok
13:52:11.0800 0x1200  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:52:11.0820 0x1200  vwififlt - ok
13:52:11.0830 0x1200  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:52:11.0880 0x1200  W32Time - ok
13:52:11.0880 0x1200  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:52:11.0906 0x1200  WacomPen - ok
13:52:11.0912 0x1200  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:52:11.0942 0x1200  WANARP - ok
13:52:11.0952 0x1200  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:52:11.0989 0x1200  Wanarpv6 - ok
13:52:12.0024 0x1200  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:52:12.0086 0x1200  wbengine - ok
13:52:12.0098 0x1200  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:52:12.0116 0x1200  WbioSrvc - ok
13:52:12.0136 0x1200  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:52:12.0166 0x1200  wcncsvc - ok
13:52:12.0166 0x1200  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:52:12.0186 0x1200  WcsPlugInService - ok
13:52:12.0196 0x1200  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:52:12.0206 0x1200  Wd - ok
13:52:12.0226 0x1200  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:52:12.0266 0x1200  Wdf01000 - ok
13:52:12.0276 0x1200  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:52:12.0301 0x1200  WdiServiceHost - ok
13:52:12.0307 0x1200  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:52:12.0324 0x1200  WdiSystemHost - ok
13:52:12.0328 0x1200  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
13:52:12.0358 0x1200  WebClient - ok
13:52:12.0368 0x1200  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:52:12.0408 0x1200  Wecsvc - ok
13:52:12.0418 0x1200  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:52:12.0458 0x1200  wercplsupport - ok
13:52:12.0464 0x1200  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:52:12.0506 0x1200  WerSvc - ok
13:52:12.0511 0x1200  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:52:12.0540 0x1200  WfpLwf - ok
13:52:12.0550 0x1200  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:52:12.0566 0x1200  WIMMount - ok
13:52:12.0569 0x1200  WinDefend - ok
13:52:12.0576 0x1200  WinHttpAutoProxySvc - ok
13:52:12.0591 0x1200  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:52:12.0632 0x1200  Winmgmt - ok
13:52:12.0682 0x1200  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:52:12.0759 0x1200  WinRM - ok
13:52:12.0772 0x1200  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:52:12.0801 0x1200  WinUsb - ok
13:52:12.0826 0x1200  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:52:12.0868 0x1200  Wlansvc - ok
13:52:12.0924 0x1200  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:52:13.0002 0x1200  wlidsvc - ok
13:52:13.0013 0x1200  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:52:13.0032 0x1200  WmiAcpi - ok
13:52:13.0043 0x1200  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:52:13.0056 0x1200  wmiApSrv - ok
13:52:13.0066 0x1200  WMPNetworkSvc - ok
13:52:13.0076 0x1200  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:52:13.0103 0x1200  WPCSvc - ok
13:52:13.0110 0x1200  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:52:13.0144 0x1200  WPDBusEnum - ok
13:52:13.0149 0x1200  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:52:13.0188 0x1200  ws2ifsl - ok
13:52:13.0195 0x1200  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:52:13.0221 0x1200  wscsvc - ok
13:52:13.0224 0x1200  WSearch - ok
13:52:13.0290 0x1200  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:52:13.0387 0x1200  wuauserv - ok
13:52:13.0399 0x1200  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:52:13.0423 0x1200  WudfPf - ok
13:52:13.0433 0x1200  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:52:13.0459 0x1200  WUDFRd - ok
13:52:13.0466 0x1200  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:52:13.0492 0x1200  wudfsvc - ok
13:52:13.0502 0x1200  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:52:13.0535 0x1200  WwanSvc - ok
13:52:13.0543 0x1200  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
13:52:13.0557 0x1200  xusb21 - ok
13:52:13.0563 0x1200  ================ Scan global ===============================
13:52:13.0568 0x1200  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
13:52:13.0578 0x1200  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
13:52:13.0592 0x1200  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
13:52:13.0602 0x1200  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:52:13.0615 0x1200  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:52:13.0624 0x1200  [ Global ] - ok
13:52:13.0624 0x1200  ================ Scan MBR ==================================
13:52:13.0627 0x1200  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:52:13.0709 0x1200  \Device\Harddisk0\DR0 - ok
13:52:13.0710 0x1200  ================ Scan VBR ==================================
13:52:13.0712 0x1200  [ C0EC9A950FE4861ECAA06A82E97868A7 ] \Device\Harddisk0\DR0\Partition1
13:52:13.0714 0x1200  \Device\Harddisk0\DR0\Partition1 - ok
13:52:13.0717 0x1200  [ 8D56DAEC90BB7EF0FE642186CD6A4C45 ] \Device\Harddisk0\DR0\Partition2
13:52:13.0718 0x1200  \Device\Harddisk0\DR0\Partition2 - ok
13:52:13.0718 0x1200  ================ Scan generic autorun ======================
13:52:13.0719 0x1200  SynTPEnh - ok
13:52:13.0754 0x1200  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
13:52:13.0899 0x1200  MSC - ok
13:52:14.0107 0x1200  [ 0C971FB9C511505E16D5E8A1340FD37E, 46B14D1EE5C9CBCAEFC8B952DCFFEC0F994D8897DDA8F0A53696615EC1149F88 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
13:52:14.0329 0x1200  Energy Management - ok
13:52:14.0492 0x1200  [ A0C651367C263C89212B3684977D8FBC, 2269C27E2A5509093733471D794E094EFCEBD8BFA7B0C0615B4C97AB9A0C9DD1 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
13:52:14.0661 0x1200  EnergyUtility - ok
13:52:14.0678 0x1200  [ 1A2B569E0D2598CB043DB830DD1468EE, D22C9E3FAAD8EAA11693A30C50FD38C4F264152C3AE29FF9FF00A32BDB051ACC ] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe
13:52:14.0691 0x1200  picon - ok
13:52:14.0724 0x1200  [ D83DCBE9F5C247438087D82B774A685E, 5542CACEA72E61D95CA629199F166CDF3214B9FEF700C83B1A8C615571BB0524 ] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe
13:52:14.0774 0x1200  FingerPrintSoftware - ok
13:52:14.0791 0x1200  [ B401E52C6E9FDEF1ACF89E43D806F9FA, 69EF697697562A6B280652B538FF3D34AE3AD17A51EB30712F824F238A9F34D5 ] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe
13:52:14.0866 0x1200  FingerPrintSoftwareSplashScreen - detected UnsignedFile.Multi.Generic ( 1 )
13:52:14.0866 0x1200  Detect skipped due to KSN trusted
13:52:14.0866 0x1200  FingerPrintSoftwareSplashScreen - ok
13:52:14.0882 0x1200  [ 820D1184C0B9C426B71567DF3641DEE3, ABC8F4E1018ACD89F0473634DC38A25D864E577EB0F345E777E015AF02F70F89 ] C:\Windows\system32\igfxtray.exe
13:52:14.0898 0x1200  IgfxTray - ok
13:52:14.0909 0x1200  [ 09ED9D98114525A7F6913CDC4B14F5E9, AB0850698A3E3F53B96F3AA81E4981CEE336DC01FC5BB5AB0538F342CCFCE0FA ] C:\Windows\system32\hkcmd.exe
13:52:14.0931 0x1200  HotKeysCmds - ok
13:52:14.0945 0x1200  [ 764998FAC5233DA8E2A896799DB1A991, 2B1CA708A253A3F65BDC3B21924058C8A19EDF7255A6975BABF9B26B71FE5330 ] C:\Windows\system32\igfxpers.exe
13:52:14.0958 0x1200  Persistence - ok
13:52:14.0988 0x1200  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
13:52:15.0018 0x1200  XboxStat - ok
13:52:15.0050 0x1200  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:52:15.0080 0x1200  Adobe ARM - ok
13:52:15.0090 0x1200  [ 94B2521BBE8ED7ACED6EB4D697859C2C, 09DD4E8286A6E4A0CB5461C4E33994610879AE767548CFE17379AE83D0DF1F7A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:52:15.0162 0x1200  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
13:52:15.0162 0x1200  Detect skipped due to KSN trusted
13:52:15.0162 0x1200  StartCCC - ok
13:52:15.0162 0x1200  [ 0B867A6BAB305C186AD57B6CEA53D981, 226DD3DEA47BA402CBADDC5AD6EE65254599582C9A0BDD1D502D109740B6690B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
13:52:15.0237 0x1200  Avira SystrayStartTrigger - ok
13:52:15.0254 0x1200  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
13:52:15.0296 0x1200  avgnt - ok
13:52:15.0331 0x1200  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:52:15.0376 0x1200  Sidebar - ok
13:52:15.0386 0x1200  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:52:15.0436 0x1200  mctadmin - ok
13:52:15.0466 0x1200  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:52:15.0513 0x1200  Sidebar - ok
13:52:15.0518 0x1200  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:52:15.0538 0x1200  mctadmin - ok
13:52:15.0613 0x1200  [ FF74D2A2E3A3615A765B5181DB18551D, C38F06705B4E3264ABA10317BF3DE6D022E9B9D5B3016B08121512E84880963C ] C:\00 Patrick\Steam\steam.exe
13:52:15.0697 0x1200  Steam - ok
13:52:15.0702 0x1200  Object required for P2P: [ FF74D2A2E3A3615A765B5181DB18551D ] C:\00 Patrick\Steam\steam.exe
13:52:18.0284 0x1200  Object send P2P result: true
13:52:18.0294 0x1200  Skype - ok
13:52:18.0344 0x1200  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
13:52:18.0344 0x1200  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
13:52:18.0354 0x1200  Win FW state via NFP2: enabled ( trusted )
13:52:20.0758 0x1200  ============================================================
13:52:20.0758 0x1200  Scan finished
13:52:20.0758 0x1200  ============================================================
13:52:20.0758 0x0c64  Detected object count: 0
13:52:20.0758 0x0c64  Actual detected object count: 0
         

Alt 11.02.2016, 10:42   #5
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Servus,




Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\l e n o v o_T400\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.






Mehrere Anti-Virus-Programme

Code:
ATTFilter
Microsoft Security Essentials
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Außerdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Programme deinstallieren.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.

Meine Empfehlung: Avira deinstallieren





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 11.02.2016, 12:56   #6
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.11.02
  rootkit: v2016.02.08.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18163
l e n o v o_T400 :: LENOVO_T400-PC [administrator]

11.02.2016 12:43:20
mbar-log-2016-02-11 (12-43-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 337495
Time elapsed: 10 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 11.02.2016, 16:33   #7
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Servus,



Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 11.02.2016, 17:11   #8
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Habe Avira entfernt und Microsoft Essentials Security vor dem scan deaktiviert.

Code:
ATTFilter
ComboFix 16-02-09.01 - l e n o v o_T400 11.02.2016  17:02:04.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1990.635 [GMT 1:00]
ausgeführt von:: c:\users\l e n o v o_T400\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\Install.exe
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-01-11 bis 2016-02-11  ))))))))))))))))))))))))))))))
.
.
2016-02-11 16:06 . 2016-02-11 16:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-02-11 11:43 . 2016-02-11 11:43	--------	d-----w-	c:\programdata\Malwarebytes
2016-02-11 11:43 . 2016-02-11 11:55	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2016-02-11 11:43 . 2016-02-11 11:43	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-11 11:42 . 2016-02-11 11:42	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2016-02-09 12:46 . 2016-02-11 12:48	--------	d-----w-	c:\program files (x86)\Avira
2016-02-09 12:26 . 2016-02-09 13:03	--------	d-----w-	C:\FRST
2016-02-09 12:18 . 2015-10-27 10:57	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30A00661-E773-4E5F-BA7F-D03BE85744EF}\gapaengine.dll
2016-02-09 12:17 . 2015-11-25 11:02	11154520	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{321F9E55-8FE4-42E0-829E-C418498C77A3}\mpengine.dll
2016-02-01 07:26 . 2015-11-25 11:02	11154520	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-01 07:26 . 2015-12-08 21:53	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2016-02-01 07:26 . 2015-12-08 19:07	879104	----a-w-	c:\windows\system32\advapi32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-11 11:39 . 2015-10-23 14:41	796864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-02-11 11:39 . 2015-10-23 14:41	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-01 07:25 . 2015-10-26 17:03	143671360	----a-w-	c:\windows\system32\MRT.exe
2015-12-30 18:37 . 2016-02-09 12:40	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-12-09 03:39 . 2010-11-21 03:27	301728	------w-	c:\windows\system32\MpSigStub.exe
2015-11-20 18:54 . 2015-12-09 09:07	37888	----a-w-	c:\windows\system32\wups2.dll
2015-11-20 18:54 . 2015-12-09 09:07	3170304	----a-w-	c:\windows\system32\wucltux.dll
2015-11-20 18:54 . 2015-12-09 09:07	2609152	----a-w-	c:\windows\system32\wuaueng.dll
2015-11-20 18:54 . 2015-12-09 09:07	192512	----a-w-	c:\windows\system32\wuwebv.dll
2015-11-20 18:54 . 2015-12-09 09:06	98816	----a-w-	c:\windows\system32\wudriver.dll
2015-11-20 18:54 . 2015-12-09 09:06	36864	----a-w-	c:\windows\system32\wups.dll
2015-11-20 18:54 . 2015-12-09 09:07	709632	----a-w-	c:\windows\system32\wuapi.dll
2015-11-20 18:54 . 2015-12-09 09:07	91136	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-11-20 18:54 . 2015-12-09 09:06	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:54 . 2015-12-09 09:06	37888	----a-w-	c:\windows\system32\wuapp.exe
2015-11-20 18:54 . 2015-12-09 09:06	140288	----a-w-	c:\windows\system32\wuauclt.exe
2015-11-20 18:34 . 2015-12-09 09:07	93696	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-11-20 18:34 . 2015-12-09 09:07	174080	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-11-20 18:34 . 2015-12-09 09:06	30208	----a-w-	c:\windows\SysWow64\wups.dll
2015-11-20 18:34 . 2015-12-09 09:07	573440	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-11-20 18:33 . 2015-12-09 09:06	35328	----a-w-	c:\windows\SysWow64\wuapp.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\00 patrick\Steam\steam.exe" [2016-02-04 3014224]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-02-02 50599552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-05-04 98304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe;c:\windows\SYSNATIVE\ADMonitor.exe [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\00 patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe;c:\00 patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\ATService.exe;c:\windows\SYSNATIVE\ATService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe;c:\windows\SYSNATIVE\DTS.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe;c:\program files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys;c:\windows\SYSNATIVE\Drivers\LenovoRd.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2016-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-23 11:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"FingerPrintSoftwareSplashScreen"="c:\program files\Lenovo Fingerprint Software\SplashScreen.exe \s" [X]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2015-10-27 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2015-10-27 6200368]
"picon"="c:\program files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-02-04 111640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\
FF - prefs.js: browser.startup.homepage - google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Steam - c:\program files (x86)\Steam\uninstall.exe
AddRemove-Steam App 212680 - c:\program files (x86)\Steam\steam.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-116035449-3229059048-4235389283-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-02-11  17:10:13
ComboFix-quarantined-files.txt  2016-02-11 16:10
.
Vor Suchlauf: 13 Verzeichnis(se), 190.670.233.600 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 191.730.208.768 Bytes frei
.
- - End Of File - - 23D2541671E36683706AB31B625F7701
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 11.02.2016, 20:58   #9
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Servus,



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 12.02.2016, 09:24   #10
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Code:
ATTFilter
# AdwCleaner v5.033 - Bericht erstellt am 12/02/2016 um 09:05:17
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : l e n o v o_T400 - LENOVO_T400-PC
# Gestartet von : C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1123 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.02.2016
Suchlaufzeit: 09:10
Protokolldatei: MBAM log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.12.01
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: l e n o v o_T400

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348565
Abgelaufene Zeit: 4 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by l e n o v o_T400 (Administrator) on 12.02.2016 at  9:19:13,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 12 

Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\272HOOO6 (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\510WQFC2 (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JQRTWVB (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8NAT2G7B (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HUPLR7DC (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HXQ7PGK0 (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HZM8OS6J (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8W4DCN5 (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9NSJL1B (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QYBC7LTX (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TI6TWYF0 (Folder) 
Successfully deleted: C:\Users\l e n o v o_T400\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YD1Z3PJQ (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.02.2016 at  9:21:03,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (12-02-2016 09:22:18)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\ATFUS: 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

FireFox:
========
FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25]
FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert]
R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert]
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-12 09:21 - 2016-02-12 09:21 - 00002210 _____ C:\Users\l e n o v o_T400\Desktop\JRT.txt
2016-02-12 09:18 - 2016-02-12 09:18 - 00001213 _____ C:\Users\l e n o v o_T400\Desktop\MBAM log.txt
2016-02-12 09:09 - 2016-02-12 09:09 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-12 09:09 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-12 09:09 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-12 09:05 - 2016-02-12 09:05 - 00001202 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner[C1].txt
2016-02-12 09:01 - 2016-02-12 09:08 - 00000000 ____D C:\AdwCleaner
2016-02-12 08:59 - 2016-02-12 08:59 - 22908888 _____ (Malwarebytes ) C:\Users\l e n o v o_T400\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01609032 _____ (Malwarebytes) C:\Users\l e n o v o_T400\Desktop\JRT.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01508352 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe
2016-02-11 17:10 - 2016-02-11 17:10 - 00016844 _____ C:\ComboFix.txt
2016-02-11 17:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-11 17:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-11 17:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-11 16:53 - 2016-02-11 17:10 - 00000000 ____D C:\Qoobox
2016-02-11 16:53 - 2016-02-11 17:08 - 00000000 ____D C:\Windows\erdnt
2016-02-11 16:52 - 2016-02-11 16:52 - 05657611 ____R (Swearware) C:\Users\l e n o v o_T400\Desktop\ComboFix.exe
2016-02-11 12:43 - 2016-02-12 09:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-11 12:43 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-11 12:43 - 2016-02-11 12:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-11 12:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-11 12:41 - 2016-02-11 12:55 - 00000000 ____D C:\Users\l e n o v o_T400\Desktop\mbar
2016-02-11 12:39 - 2016-02-11 12:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\l e n o v o_T400\Desktop\mbar-1.09.3.1001.exe
2016-02-10 13:49 - 2016-02-10 13:52 - 00412762 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.31_log.txt
2016-02-10 13:49 - 2016-02-10 13:49 - 00000490 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.16_log.txt
2016-02-10 13:46 - 2016-02-10 13:48 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\l e n o v o_T400\Desktop\tdsskiller.exe
2016-02-09 14:02 - 2016-02-09 14:03 - 00031972 _____ C:\Users\l e n o v o_T400\Desktop\Addition.txt
2016-02-09 13:54 - 2016-02-12 09:22 - 00010784 _____ C:\Users\l e n o v o_T400\Desktop\FRST.txt
2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954}
2016-02-09 13:46 - 2016-02-11 13:48 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-09 13:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 13:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 13:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 13:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 13:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 13:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 13:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-09 13:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-09 13:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-09 13:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-09 13:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-09 13:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 13:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 13:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 13:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 13:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-09 13:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 13:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 13:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 13:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 13:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-09 13:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-09 13:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 13:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-09 13:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-09 13:26 - 2016-02-12 09:22 - 00000000 ____D C:\FRST
2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Desktop\FRST64.exe
2016-02-09 13:16 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 13:16 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 13:16 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 13:16 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 13:16 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 13:16 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 13:16 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 13:16 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 13:16 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 13:16 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 13:16 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 13:16 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 13:16 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-09 13:16 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 13:16 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 13:16 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-09 13:16 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-09 13:16 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-09 13:16 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 13:16 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-09 13:16 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-09 13:16 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-09 13:16 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-09 13:16 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 13:16 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 13:16 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 13:16 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 13:16 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 13:16 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-09 13:16 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 13:16 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-09 13:16 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-09 13:16 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-09 13:16 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-09 13:16 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 13:16 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-09 13:16 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 13:16 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 13:16 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 13:16 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 13:16 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 13:16 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 13:16 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 13:16 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 13:16 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-09 13:16 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-09 13:16 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-09 13:16 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-09 13:16 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-09 13:16 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-09 13:16 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-09 13:16 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-09 13:16 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-09 13:16 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-09 13:16 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-09 13:16 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-09 13:16 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 13:16 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-09 13:16 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-09 13:16 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-01 08:26 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-01 08:26 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-12 09:14 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2016-02-12 09:14 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2016-02-12 09:14 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 09:14 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-12 09:14 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-12 09:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-12 09:07 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype
2016-02-12 09:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-12 08:56 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-11 17:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-11 17:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-11 17:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-11 17:08 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-11 13:50 - 2015-10-23 15:42 - 00000000 ____D C:\ProgramData\Skype
2016-02-11 12:41 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-10 13:42 - 2009-07-14 05:45 - 00294656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 13:40 - 2015-10-27 11:15 - 00000000 ____D C:\Program Files\Lenovo
2016-02-09 14:16 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Origin
2016-02-09 14:14 - 2015-11-25 12:58 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\DVDVideoSoft
2016-02-09 14:14 - 2015-10-29 20:49 - 00000000 ____D C:\00 Patrick
2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini

Einige Dateien in TEMP:
====================
C:\Users\l e n o v o_T400\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-30 19:36

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-12 09:22:41)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled)
Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled)
l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version:  - 11 bit studios)
ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
Final Dusk (HKLM-x32\...\Steam App 337420) (Version:  - Light Echo)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Outland (HKLM-x32\...\Steam App 305050) (Version:  - Housemarque)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05BDF317-F1BE-410E-857D-889F43E3BD0D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)
Task: {241079DB-C103-4A4D-B21A-E852011677E3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-11 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869
FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900
FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe

==================== Wiederherstellungspunkte =========================

09-02-2016 15:37:40 Windows Update
11-02-2016 12:39:33 Removed Avira Browser Safety
12-02-2016 09:19:14 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/12/2016 09:08:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 08:58:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2016 04:52:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2016 01:50:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2016 12:36:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2016 01:42:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2016 01:41:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 01:14:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2016 10:52:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/01/2016 08:24:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (02/12/2016 09:22:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:20:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:18:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:16:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:14:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:12:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:10:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:08:37 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/12/2016 09:06:28 AM) (Source: TPM) (EventID: 15) (User: )
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten.

Error: (02/12/2016 09:06:28 AM) (Source: TPM) (EventID: 2) (User: )
Description: Fehler des TPM-Selbsttestbefehls.


CodeIntegrity:
===================================
  Date: 2016-02-11 17:06:24.119
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-02-11 17:06:24.081
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 1990.02 MB
Verfügbarer physikalischer RAM: 630.27 MB
Summe virtueller Speicher: 4976.02 MB
Verfügbarer virtueller Speicher: 3230.57 MB

==================== Laufwerke ================================

Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:178.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 12.02.2016, 21:59   #11
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 13.02.2016, 11:17   #12
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Ich drücke bei HitManPro auf Logdatei speichern aber es passiert nichts.

Momentan hab ich eine Auslastung von 50% obwohl nur Firefox mit diesem Fenster hier und Skype offen sind, was mir etwas hoch vorkommt. Oder ist das bei Laptops vielleicht sogar normal?

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-13 08:11:35) Run:1
Gestartet von C:\Users\l e n o v o_T400\Desktop
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
     
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowCpl => Wert erfolgreich entfernt
"HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 468.2 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 08:11:52 ====
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# end=init
# utc_time=2016-02-13 07:28:14
# local_time=2016-02-13 08:28:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28108
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# end=updated
# utc_time=2016-02-13 07:31:26
# local_time=2016-02-13 08:31:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f2a0e54a12fe924dbad4f81b1f8cf039
# engine=28108
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-13 08:01:02
# local_time=2016-02-13 09:01:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 9407637 149531672 0 0
# scanned=192356
# found=0
# cleaned=0
# scan_time=1776
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (Administrator) auf LENOVO_T400-PC (13-02-2016 11:03:15)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Geladene Profile: l e n o v o_T400 (Verfügbare Profile: l e n o v o_T400)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\System32\DTS.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Valve Corporation) C:\00 Patrick\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\00 Patrick\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(SurfRight B.V.) C:\Users\l e n o v o_T400\Desktop\HitmanPro_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-10-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-10-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582920 2011-05-31] (AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2011-05-31] (AuthenTec, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2012-05-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\ATFUS: 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Steam] => C:\00 Patrick\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{48B1B533-B784-4602-A55F-94991A35C471}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A37D0D6C-8B78-429F-B0B0-32A3CA0E4DDB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

FireFox:
========
FF ProfilePath: C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-116035449-3229059048-4235389283-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Extension: Avira Browser Safety - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\abs@avira.com.xpi [2016-02-09]
FF Extension: ProxTube - Unblock YouTube - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-11-25]
FF Extension: Adblock Plus - C:\Users\l e n o v o_T400\AppData\Roaming\Mozilla\Firefox\Profiles\gk0adh3d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-28]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2011-05-31] () [Datei ist nicht signiert]
R2 ATService; C:\Windows\system32\ATService.exe [2715976 2011-05-31] (AuthenTec, Inc.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2011-05-31] () [Datei ist nicht signiert]
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-02-13] ()
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-13 11:00 - 2016-02-13 11:00 - 00049584 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-02-13 08:28 - 2016-02-13 08:28 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-13 08:27 - 2016-02-13 08:27 - 02870984 _____ (ESET) C:\Users\l e n o v o_T400\Desktop\esetsmartinstaller_deu.exe
2016-02-13 08:17 - 2016-02-13 08:22 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-13 08:17 - 2016-02-13 08:17 - 11443792 _____ (SurfRight B.V.) C:\Users\l e n o v o_T400\Desktop\HitmanPro_x64.exe
2016-02-13 08:11 - 2016-02-13 08:11 - 00001974 _____ C:\Users\l e n o v o_T400\Desktop\Fixlog.txt
2016-02-12 09:21 - 2016-02-12 09:21 - 00002210 _____ C:\Users\l e n o v o_T400\Desktop\JRT.txt
2016-02-12 09:18 - 2016-02-12 09:18 - 00001213 _____ C:\Users\l e n o v o_T400\Desktop\MBAM log.txt
2016-02-12 09:09 - 2016-02-12 09:09 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-12 09:09 - 2016-02-12 09:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-12 09:09 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-12 09:09 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-12 09:05 - 2016-02-12 09:05 - 00001202 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner[C1].txt
2016-02-12 09:01 - 2016-02-12 09:08 - 00000000 ____D C:\AdwCleaner
2016-02-12 08:59 - 2016-02-12 08:59 - 22908888 _____ (Malwarebytes ) C:\Users\l e n o v o_T400\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01609032 _____ (Malwarebytes) C:\Users\l e n o v o_T400\Desktop\JRT.exe
2016-02-12 08:59 - 2016-02-12 08:59 - 01508352 _____ C:\Users\l e n o v o_T400\Desktop\AdwCleaner_5.033.exe
2016-02-11 17:10 - 2016-02-11 17:10 - 00016844 _____ C:\ComboFix.txt
2016-02-11 17:00 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-11 17:00 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-11 17:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-11 17:00 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-11 16:53 - 2016-02-11 17:10 - 00000000 ____D C:\Qoobox
2016-02-11 16:53 - 2016-02-11 17:08 - 00000000 ____D C:\Windows\erdnt
2016-02-11 16:52 - 2016-02-11 16:52 - 05657611 ____R (Swearware) C:\Users\l e n o v o_T400\Desktop\ComboFix.exe
2016-02-11 12:43 - 2016-02-13 09:05 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-11 12:43 - 2016-02-12 09:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-11 12:43 - 2016-02-11 12:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-11 12:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-11 12:41 - 2016-02-11 12:55 - 00000000 ____D C:\Users\l e n o v o_T400\Desktop\mbar
2016-02-11 12:39 - 2016-02-11 12:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\l e n o v o_T400\Desktop\mbar-1.09.3.1001.exe
2016-02-10 13:49 - 2016-02-10 13:52 - 00412762 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.31_log.txt
2016-02-10 13:49 - 2016-02-10 13:49 - 00000490 _____ C:\TDSSKiller.3.1.0.9_10.02.2016_13.49.16_log.txt
2016-02-10 13:46 - 2016-02-10 13:48 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\l e n o v o_T400\Desktop\tdsskiller.exe
2016-02-09 14:02 - 2016-02-12 09:22 - 00029078 _____ C:\Users\l e n o v o_T400\Desktop\Addition.txt
2016-02-09 13:54 - 2016-02-13 11:03 - 00011853 _____ C:\Users\l e n o v o_T400\Desktop\FRST.txt
2016-02-09 13:47 - 2016-02-09 13:47 - 00003094 _____ C:\Windows\System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954}
2016-02-09 13:46 - 2016-02-11 13:48 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-09 13:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 13:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 13:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 13:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 13:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 13:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 13:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 13:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 13:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 13:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 13:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 13:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-09 13:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-09 13:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-09 13:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-09 13:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-09 13:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-09 13:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-09 13:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 13:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 13:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 13:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 13:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-09 13:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 13:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 13:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 13:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 13:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-09 13:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-09 13:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-09 13:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 13:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 13:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-09 13:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-09 13:26 - 2016-02-13 11:03 - 00000000 ____D C:\FRST
2016-02-09 13:25 - 2016-02-09 13:25 - 02370560 _____ (Farbar) C:\Users\l e n o v o_T400\Desktop\FRST64.exe
2016-02-09 13:16 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 13:16 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 13:16 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 13:16 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 13:16 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 13:16 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 13:16 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 13:16 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 13:16 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 13:16 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 13:16 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 13:16 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 13:16 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 13:16 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 13:16 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 13:16 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-09 13:16 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 13:16 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 13:16 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-09 13:16 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-09 13:16 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-09 13:16 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-09 13:16 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 13:16 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-09 13:16 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-09 13:16 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-09 13:16 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-09 13:16 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-09 13:16 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 13:16 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 13:16 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 13:16 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 13:16 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 13:16 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-09 13:16 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 13:16 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-09 13:16 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-09 13:16 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-09 13:16 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-09 13:16 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 13:16 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-09 13:16 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 13:16 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 13:16 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-09 13:16 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 13:16 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 13:16 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 13:16 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 13:16 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 13:16 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 13:16 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-09 13:16 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-09 13:16 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-09 13:16 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-09 13:16 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-09 13:16 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-09 13:16 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-09 13:16 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-09 13:16 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-09 13:16 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-09 13:16 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-09 13:16 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-09 13:16 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-09 13:16 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-09 13:16 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-09 13:16 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-09 13:16 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-09 13:16 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-09 13:16 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 13:16 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-09 13:16 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-09 13:16 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-09 13:16 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-09 13:16 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-01 08:26 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-01 08:26 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-13 11:03 - 2015-10-23 15:42 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\Skype
2016-02-13 10:59 - 2015-10-23 15:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-13 09:06 - 2016-01-07 00:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-13 08:26 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-13 08:26 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-13 08:19 - 2011-04-12 08:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2016-02-13 08:19 - 2011-04-12 08:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2016-02-13 08:19 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 08:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-13 08:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 17:39 - 2015-10-23 15:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-11 17:39 - 2015-10-23 15:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-11 17:39 - 2015-10-23 15:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-11 17:08 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-11 13:50 - 2015-10-23 15:42 - 00000000 ____D C:\ProgramData\Skype
2016-02-11 12:41 - 2015-11-10 01:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-10 13:42 - 2009-07-14 05:45 - 00294656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 13:40 - 2015-10-27 11:15 - 00000000 ____D C:\Program Files\Lenovo
2016-02-09 14:16 - 2015-11-10 01:08 - 00000000 ____D C:\ProgramData\Origin
2016-02-09 14:14 - 2015-11-25 12:58 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Roaming\DVDVideoSoft
2016-02-09 14:14 - 2015-10-29 20:49 - 00000000 ____D C:\00 Patrick
2016-02-09 13:35 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Users\l e n o v o_T400\AppData\Local\Ubisoft Game Launcher
2016-02-09 13:29 - 2015-10-30 23:44 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-09 10:50 - 2015-10-26 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-01 08:29 - 2015-10-26 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-01 08:28 - 2015-10-26 18:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-01 08:25 - 2015-10-26 18:03 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-23 15:52 - 2015-10-23 15:52 - 0000116 _____ () C:\ProgramData\CameraRecorder.ini

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-30 19:36

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von l e n o v o_T400 (2016-02-13 11:03:52)
Gestartet von C:\Users\l e n o v o_T400\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-23 14:02:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-116035449-3229059048-4235389283-500 - Administrator - Disabled)
Gast (S-1-5-21-116035449-3229059048-4235389283-501 - Limited - Disabled)
l e n o v o_T400 (S-1-5-21-116035449-3229059048-4235389283-1000 - Administrator - Enabled) => C:\Users\l e n o v o_T400

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Anomaly 2 (HKLM-x32\...\Steam App 236730) (Version:  - 11 bit studios)
ATI Catalyst Install Manager (HKLM\...\{9B0EAC89-4331-A96E-C7D3-754192589BEE}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5.2-120504a-138564C-Lenovo - ATI Technologies, Inc.)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ccc-core-static (x32 Version: 2012.0504.2334.40448 - Ihr Firmenname) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
Energy Management (x32 Version: 7.0.3.9 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Final Dusk (HKLM-x32\...\Steam App 337420) (Version:  - Light Echo)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.50 - AuthenTec, Inc.)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{8046A32C-88A7-45DA-B6D7-B6191E261031}) (Version: 7.03.0546 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Outland (HKLM-x32\...\Steam App 305050) (Version:  - Housemarque)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29) (HKLM\...\05FBE63CF9C9B3424152207E7278CD6DA193C56C) (Version: 07/02/2010 8.6.0.29 - AuthenTec Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
YGOPro DevPro Launcher (HKLM-x32\...\{8D09DD74-E630-4629-80DC-7FB13AE58F3F}) (Version: 2.0.10 - DevPro, LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09093292-B941-4E1E-BB80-B50A0F011D99} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {0D483666-BD0C-48D5-82F4-F930ECA9F05A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated)
Task: {CDB63A93-539B-488F-8375-CF3C07B4B8D3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F3152822-05F2-45DA-ADF8-76BDFCFADDD4} - System32\Tasks\{BF380BBD-85F4-4CAD-9873-9540574DB954} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/de/go/help.faq.installer?LastError=1618

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-31 06:29 - 2011-05-31 06:29 - 00117760 _____ () C:\Windows\system32\DTS.exe
2008-12-20 03:20 - 2015-10-27 11:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-04 23:33 - 2012-05-04 23:33 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-10-29 21:03 - 2015-12-15 06:54 - 00782336 _____ () C:\00 Patrick\Steam\SDL2.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 04962816 _____ () C:\00 Patrick\Steam\v8.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01556992 _____ () C:\00 Patrick\Steam\icui18n.dll
2015-10-29 21:03 - 2015-07-03 17:12 - 01187840 _____ () C:\00 Patrick\Steam\icuuc.dll
2015-10-29 21:03 - 2016-02-04 22:02 - 02546768 _____ () C:\00 Patrick\Steam\video.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 02549248 _____ () C:\00 Patrick\Steam\libavcodec-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00442880 _____ () C:\00 Patrick\Steam\libavutil-54.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00491008 _____ () C:\00 Patrick\Steam\libavformat-56.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00332800 _____ () C:\00 Patrick\Steam\libavresample-2.dll
2015-10-29 21:02 - 2015-09-24 01:33 - 00485888 _____ () C:\00 Patrick\Steam\libswscale-3.dll
2015-10-29 21:03 - 2016-02-04 22:01 - 00802896 _____ () C:\00 Patrick\Steam\bin\chromehtml.DLL
2015-10-29 21:02 - 2015-12-30 02:51 - 00208896 _____ () C:\00 Patrick\Steam\bin\openvr_api.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-10-29 21:03 - 2016-01-06 02:52 - 48387872 _____ () C:\00 Patrick\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-11 17:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-116035449-3229059048-4235389283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\l e n o v o_T400\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9F1B72D5-FC54-41E7-8C64-6D0D8C94717F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2F963EB-9CBC-4793-8399-CF2EE3B5341C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA40F968-1239-47BA-9910-BF1EDE28CC3A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{012F6B68-D295-41AB-9A17-FA6EE5CE7F47}] => (Allow) LPort=2869
FirewallRules: [{EBC949E9-EB04-4131-8C3D-5802F68F5AD9}] => (Allow) LPort=1900
FirewallRules: [{AFCB54A4-6BEF-4376-8FBE-9B0FFEAC7DBE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{07563221-6C4E-4FF2-B720-E1CC00950509}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D375C97-D8A4-4EBC-A9EA-739A8C9E69AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{72868D83-C4A2-4AC2-820D-5C033836562B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{009CFA44-D550-4669-8351-2A9B9EB49FCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{06BC55BF-52A5-4334-A46A-ECF2D8F45D15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{78C8E05C-7516-40B0-BCC5-AB8B7790310E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B3987217-92BF-4D1F-800D-981B2BCF9A6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6B2A6036-4605-4FFF-A7B2-8DF6B0D0601C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{FD0891A4-ADEA-4B5C-956F-F5A8EECBF98D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Strider\Strider.exe
FirewallRules: [{79A90932-5DA3-431B-BA14-08DF350C623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{CDB297EE-9D1A-4A73-8275-07A9C5D239F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{1F89DABE-467B-4F4F-9EBD-3B85DDB67C7A}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [{91A1A7F1-BC69-4960-AF4F-F4D1B59AB939}] => (Allow) C:\00 Patrick\Steam\Steam.exe
FirewallRules: [TCP Query User{913DF891-DD3E-46FA-B821-48A854141B7A}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [UDP Query User{79A11FC0-BECD-4855-AD7D-F362FBFBFB24}C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe] => (Block) C:\00 patrick\steam\steamapps\common\etherlords ii\etherlords2.exe
FirewallRules: [{C437FD31-D94B-4F8C-8C0F-804D02293745}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{974E794F-EE7C-4CAE-B173-18BF7E4431B9}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{FEBB9783-D452-4575-AF84-443D98B8DDC1}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{A2214476-9994-4910-87F9-B61A14A59635}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{35C0DF2D-3043-4479-9DFD-CED810814F87}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{FD4FA76C-9825-4DEF-BC4D-69A4A1821DE6}C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\00 patrick\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{CFA718F6-8366-46F5-AB2B-1E5A2AA916FF}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7229F608-EC44-4384-B92E-07552E506BD9}C:\00 patrick\heartstone\hearthstone\hearthstone.exe] => (Allow) C:\00 patrick\heartstone\hearthstone\hearthstone.exe
FirewallRules: [{1401E6C4-615B-49F4-B599-6A8A7349DDEE}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BCE41C79-C138-4F01-8C8A-6C5D313806A6}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C4C6EFE2-A3D3-4D6C-A6DF-B13FD962BA2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C7D6879E-88CE-4F75-B9BD-4AB85C7D801A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B7137B81-01C5-4B4A-866C-6C5E91C22509}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C283972A-8B8E-4402-BAE7-68FF00C3C6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE13F4A3-9CEB-4909-B1D5-4228652301F6}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{C108768B-7704-4065-BF85-737ADBF5F18E}] => (Allow) C:\00 Patrick\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF79A33D-134D-40B0-AEC0-841F6BDF1526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037598EA-7072-4F8D-B418-23C8DDABAA0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68C5D6C5-9E1B-428B-979C-AE3345DEAA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{64684FDC-2FAE-458F-89E6-6727F3471D63}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{D7D4382D-8DE1-4C4D-8134-67F6C9858A01}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{7BB0AEC7-369E-42E5-9144-EC4C9CFBD70C}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{28292762-161E-4710-A38D-B48039438495}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{6601F52C-B9B4-4B07-A9C8-206B18D44202}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Anomaly 2\Anomaly 2.exe
FirewallRules: [{20EC68C0-8861-4CEC-90E3-8743A749D309}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{CC60C3B7-C76E-4F04-9861-F0E45CC0C7E8}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [TCP Query User{813447D1-9988-4423-A07D-2A48C84814A9}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{8113568B-25A4-42B4-81B0-2B3D358B6902}C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\00 patrick\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{86918A03-D4F5-482F-8D07-00E54E47C593}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{50CD02A8-AEB8-4985-BD21-9EEA1F4CF886}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{177B25B5-080B-4475-AC38-36A5A236FD86}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{594EABC2-428A-4755-81FB-AED0DA33E3EB}] => (Allow) C:\00 Patrick\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3B4AD008-7737-4088-A141-21CED53840A3}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{F25D5FC4-06A9-4A95-B334-BA7C00F556F0}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Outland\Outland.exe
FirewallRules: [{DFAB99F8-9F93-438E-9D29-4D0FCDC5C5DF}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{5459E706-1BA5-4BEA-803E-58DDDA775F97}] => (Allow) C:\00 Patrick\Steam\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{CD933E24-9EA9-4C0D-BC71-B56D00719B66}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{BFBDDC45-2DCD-4520-846B-8C802178B568}] => (Allow) C:\00 Patrick\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{5BE08BEE-291E-41E4-BCF5-1948A3C4EA05}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{84CCB198-5B74-4126-9DD2-09B8E4E40AC7}] => (Allow) C:\00 Patrick\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe

==================== Wiederherstellungspunkte =========================

09-02-2016 15:37:40 Windows Update
11-02-2016 12:39:33 Removed Avira Browser Safety
12-02-2016 09:19:14 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/13/2016 08:29:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:28:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:28:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:28:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:27:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:27:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/13/2016 08:14:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 08:09:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 09:08:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 08:58:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (02/13/2016 11:03:15 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 11:01:15 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 10:59:18 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 10:59:17 AM) (Source: TPM) (EventID: 15) (User: )
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten.

Error: (02/13/2016 10:59:17 AM) (Source: TPM) (EventID: 2) (User: )
Description: Fehler des TPM-Selbsttestbefehls.

Error: (02/13/2016 09:07:26 AM) (Source: TPM) (EventID: 12) (User: )
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein Fehler in der TPM-Hardware aufgetreten, der dazu führen kann, dass einige Anwendungen, die TPM-Dienste verwenden, nicht ordnungsgemäß ausgeführt werden. Starten Sie den Computer neu, um die TPM-Hardware zurückzusetzen. Wenn Sie weitere Unterstützung benötigen, wenden Sie sich an den Computerhersteller, um weitere Informationen zu erhalten.

Error: (02/13/2016 09:07:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 09:05:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 09:03:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.

Error: (02/13/2016 09:01:07 AM) (Source: Microsoft-Windows-TBS) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten von TBS.  Fehlercode: 0x8028001c.


CodeIntegrity:
===================================
  Date: 2016-02-11 17:06:24.119
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-02-11 17:06:24.081
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
Prozentuale Nutzung des RAM: 77%
Installierter physikalischer RAM: 1990.02 MB
Verfügbarer physikalischer RAM: 456.09 MB
Summe virtueller Speicher: 4976.02 MB
Verfügbarer virtueller Speicher: 2483.13 MB

==================== Laufwerke ================================

Drive c: (Windows 7 SSD) (Fixed) (Total:238.37 GB) (Free:177.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5DE8806A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Geändert von Senkay (13.02.2016 um 11:22 Uhr)

Alt 13.02.2016, 21:45   #13
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Ich sehe keine Malware, die für dein Problem verantwortlich sein könnte.

Bitte mal lesen:
PC wird immer langsamer - was tun?





Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.







Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 14.02.2016, 13:05   #14
Senkay
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Kurz nach dem Neustart hat sich der Laptop abgeschaltet und ich kann ihn nicht mehr starte.
Es leuchtet auch kein Licht mehr, das z.B. anzeigt das er geladen wird. Heiß ist er auch nicht.

Das Problem hat sich erledigt. Es lag am Akku. Habe ihn kurz rausgenommen, wieder rein gesteckt und er fährt wieder hoch.

Es scheint soweit ich das sehen kann alles in Ordung zu sein. Die Auslastung verwirrt mich immer noch aber er ist nicht wieder eingefroren bislang.

Alt 14.02.2016, 20:36   #15
M-K-D-B
/// TB-Ausbilder
 
Laptop hat ständig hohe Auslastung und friert ein - Standard

Laptop hat ständig hohe Auslastung und friert ein



Dann ist es wohl ein Hardwareproblem, nicht Malware.



Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Laptop hat ständig hohe Auslastung und friert ein
100%, antivirus, auslastung, avira, converter, cpu, desktop, dnsapi.dll, error, firefox, flash player, freundlich, gerätetreiber, home, homepage, mozilla, mp3, prozesse, registry, scan, security, services.exe, software, starten, svchost.exe, system, udp, windows



Ähnliche Themen: Laptop hat ständig hohe Auslastung und friert ein


  1. neuer laptop, hohe datenträger auslastung= virus?
    Plagegeister aller Art und deren Bekämpfung - 22.09.2015 (31)
  2. PC friert ein, hohe Datenträgerauslastung 99%
    Log-Analyse und Auswertung - 24.05.2015 (17)
  3. Neuer Acer-Laptop kaum nutzbar: Sehr hohe Auslastung von Arbeitsspeicher und Datenträger
    Alles rund um Windows - 16.03.2015 (7)
  4. Laptop (Vista) sehr langsam, hohe CPU Auslastung
    Log-Analyse und Auswertung - 20.11.2014 (16)
  5. Win 7 ständig hohe CPU-Auslastung 30 - 50 %
    Log-Analyse und Auswertung - 14.08.2014 (3)
  6. Laptop stürzt ständig ab oder friert ein - wohl Virus :-(
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (4)
  7. Laptop Probleme - "Laptop stürzt ständig ab oder friert ein - wohl Virus :-("
    Mülltonne - 30.12.2013 (1)
  8. Hohe CPU/Ram-Auslastung
    Alles rund um Windows - 17.11.2012 (5)
  9. Laptop sporadisch hohe CPU-Auslastung - über Netzteilstecker ziehen gehts wieder
    Log-Analyse und Auswertung - 25.06.2012 (0)
  10. Laptop hohe Auslastung/sehr laut
    Alles rund um Windows - 02.06.2012 (3)
  11. Hohe CPU Auslastung, >88 Prozesse, Lüfter läuft ständig, PC langsam
    Netzwerk und Hardware - 10.04.2012 (8)
  12. Laptop wir nach 5 min extrem langsam, sehr hohe CPU-Auslastung ohne ersichtlichen Grund
    Log-Analyse und Auswertung - 29.02.2012 (2)
  13. Laptop bei Browser öffnen schon hohe CPU auslastung.
    Plagegeister aller Art und deren Bekämpfung - 05.05.2011 (1)
  14. hohe cpu auslastung
    Antiviren-, Firewall- und andere Schutzprogramme - 10.11.2010 (5)
  15. hohe CPU Auslastung
    Log-Analyse und Auswertung - 07.06.2009 (6)
  16. Ständig hohe Auslastung, Lüfter im Dauerbetrieb
    Log-Analyse und Auswertung - 30.11.2008 (1)
  17. Hohe CPU-Auslastung..Help!!!
    Log-Analyse und Auswertung - 12.12.2006 (3)

Zum Thema Laptop hat ständig hohe Auslastung und friert ein - fGuten Tag, dieser Laptop hat ständig eine hohe Auslastung zwischen 60% bis zu 100% und friert ständig ein. Es wäre sehr freundlich wenn mir jemand damit helfen könnte herauszufinden ob - Laptop hat ständig hohe Auslastung und friert ein...
Archiv
Du betrachtest: Laptop hat ständig hohe Auslastung und friert ein auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.