
All kinds of pests and how to fight them: 100% CPU usage as of recently - cause unclear

20.02.2016, 21:35   #1
GSR-Wurm
 



Good evening,

I moved to the UK about 2 weeks ago and have been using various Wi-Fi networks since then.

Unfortunately, I have now noticed that my PC, especially when Firefox is open, is at almost constant 100% CPU usage, so I basically can't work with it anymore.

However, Task Manager doesn't show any processes that need that much performance.

Could I possibly have caught something?

Many thanks in advance for the help!

Regards, GSR-Wurm

21.02.2016, 14:55   #2
deeprybka
/// TB Trainer
/// Guide Guru
 





My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please only run scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Bear in mind that we all do this in our free time; if you haven't heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the quicker and always the safest way, but it is only advisable in the case of real malware.
Adware & co. are something we can remove very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Let's go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

21.02.2016, 15:26   #3
GSR-Wurm
 



Hi Jürgen, great that things move so quickly with you guys.
Here are the log files:

FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016
durchgeführt von ****** (Administrator) auf MWURM-HP (21-02-2016 15:19:29)
Gestartet von C:\Users\******\Desktop
Geladene Profile: ****** (Verfügbare Profile: ******)
Platform: Windows 7 Professional Service Pack 1 0(X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Smith Micro Software, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Smith Micro Software, Inc) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity)
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2014-02-09] (Broadcom Corporation)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11266048 2010-01-19] (Hewlett-Packard)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-03-03] ()
HKLM-x32\...\Run: [HP Connection Manager.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe [1119048 2010-03-13] (Smith Micro Software, Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-17] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-10] ()
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [Dropbox Update] => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 77.244.128.44 77.244.128.45
Tcpip\..\Interfaces\{905CDB13-2815-4195-8BB5-B3BF9AD6C536}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{B8868FDC-1C95-4AB4-9FFE-491FFD91D0E0}: [DhcpNameServer] 77.244.128.44 77.244.128.45

Internet Explorer:
==================
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-1485572930-606236203-3537335217-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {72EFFCD5-7C96-4B9A-A7D2-4C3C08E9FE8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Keine Datei
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-01-19] (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-09-01] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-09-01] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\tbuw603s.default-1423144820428
FF Homepage: www.google.de
FF NetworkProxy: "backup.ftp", "80.82.223.33"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "80.82.223.33"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "80.82.223.33"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "80.82.223.33"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "80.82.223.33"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "80.82.223.33"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-09-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Extension: selectivecookiedelete - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\tbuw603s.default-1423144820428\extensions\selectivecookiedelete@siju.mathew [2015-05-31]
FF Extension: NoScript - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\tbuw603s.default-1423144820428\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-17]
FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\tbuw603s.default-1423144820428\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-04-07] [ist nicht signiert]
FF HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\e30q0ddg.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\default
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\******\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-11-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-02-24] (BitRaider, LLC)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-02-02] (McAfee, Inc.) [Datei ist nicht signiert]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [Datei ist nicht signiert]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-06-14] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2010-01-19] (Hewlett-Packard) [Datei ist nicht signiert]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [331000 2010-03-15] (QUALCOMM, Inc.)
R2 SMManager; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe [82760 2010-03-13] (Smith Micro Software, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2014-02-09] (Broadcom Corporation) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [Datei ist nicht signiert]
S3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [242176 2010-03-15] (QUALCOMM Incorporated)
S3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [121600 2010-03-15] (QUALCOMM Incorporated)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-02-02] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [89344 2010-01-30] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-02-02] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-02-02] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-21 15:19 - 2016-02-21 15:20 - 00028726 _____ C:\Users\******\Desktop\FRST.txt
2016-02-21 15:17 - 2016-02-21 15:19 - 00000000 ____D C:\FRST
2016-02-21 15:17 - 2016-02-21 15:17 - 02371072 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe
2016-02-19 18:13 - 2016-02-19 18:13 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-17 20:34 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2016-02-17 20:34 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2016-02-17 20:34 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2016-02-17 20:34 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2016-02-17 20:34 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2016-02-17 20:34 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2016-02-17 20:34 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2016-02-17 20:34 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2016-02-17 20:34 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2016-02-17 20:34 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll
2016-02-17 20:34 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2016-02-17 20:34 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2016-02-17 20:34 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2016-02-17 20:34 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2016-02-17 20:33 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2016-02-17 20:33 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2016-02-17 20:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2016-02-17 20:33 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_41.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2016-02-17 20:33 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_41.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2016-02-17 20:33 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2016-02-17 20:33 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2016-02-17 20:33 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2016-02-17 20:33 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2016-02-17 20:33 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2016-02-17 20:33 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2016-02-17 20:33 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2016-02-17 20:33 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2016-02-17 20:33 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2016-02-17 20:33 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2016-02-17 20:33 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2016-02-17 20:33 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2016-02-17 20:33 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2016-02-17 20:33 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2016-02-17 20:33 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2016-02-17 20:33 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2016-02-17 20:33 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2016-02-17 20:33 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2016-02-17 20:33 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2016-02-17 20:33 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2016-02-17 20:33 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2016-02-17 20:33 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2016-02-17 20:33 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2016-02-17 20:33 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2016-02-17 20:33 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2016-02-17 20:33 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2016-02-17 20:33 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2016-02-17 20:33 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2016-02-17 20:33 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2016-02-17 20:33 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2016-02-17 20:33 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2016-02-17 20:33 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2016-02-17 20:33 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2016-02-17 20:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2016-02-17 20:33 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2016-02-17 20:33 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2016-02-17 20:33 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2016-02-17 20:33 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2016-02-17 19:33 - 2016-02-17 19:33 - 00000222 _____ C:\Users\******\Desktop\Age of Empires II HD Edition.url
2016-02-17 19:33 - 2016-02-17 19:33 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-17 19:32 - 2016-02-17 19:32 - 00000000 ____D C:\Users\******\AppData\Local\Steam
2016-02-17 19:32 - 2016-02-17 19:32 - 00000000 ____D C:\Users\******\AppData\Local\CEF
2016-02-17 19:27 - 2016-02-21 13:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-17 19:27 - 2016-02-17 19:27 - 01380712 _____ C:\Users\******\Downloads\SteamSetup.exe
2016-02-17 19:27 - 2016-02-17 19:27 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk
2016-02-17 19:27 - 2016-02-17 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-14 19:16 - 2016-02-14 19:16 - 00037135 _____ C:\Users\******\Desktop\Für dich.....pdf
2016-02-14 12:08 - 2016-02-20 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701
2016-02-14 12:02 - 2016-02-14 12:02 - 00000000 ____D C:\Users\******\Desktop\Anno
2016-02-12 11:35 - 2016-02-13 12:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 15:16 - 2016-01-07 17:53 - 03211776 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-02-10 15:15 - 2016-02-06 10:48 - 25839104 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-02-10 15:15 - 2016-02-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-02-10 15:15 - 2016-02-06 10:24 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-02-10 15:15 - 2016-02-06 10:11 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-02-10 15:15 - 2016-02-06 10:10 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-02-10 15:15 - 2016-02-06 10:01 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-02-10 15:15 - 2016-02-06 09:54 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-02-10 15:15 - 2016-02-06 09:43 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-02-10 15:15 - 2016-02-06 09:38 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-02-10 15:15 - 2016-02-06 09:37 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-02-10 15:15 - 2016-02-06 09:32 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-02-10 15:15 - 2016-02-06 09:16 - 12857856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-02-10 15:15 - 2016-02-06 09:09 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-02-10 15:15 - 2016-02-06 08:54 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-02-10 15:15 - 2016-01-16 19:06 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-02-10 15:15 - 2016-01-16 18:54 - 01162240 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-02-10 15:15 - 2016-01-11 14:08 - 01362944 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-02-10 15:15 - 2016-01-11 14:08 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-02-10 15:15 - 2016-01-11 14:08 - 00677376 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-02-10 15:15 - 2016-01-11 14:08 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-02-10 15:15 - 2016-01-11 14:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-02-10 15:15 - 2016-01-06 19:02 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-02-10 15:15 - 2016-01-06 19:02 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-02-10 15:15 - 2016-01-06 18:41 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-02-10 15:14 - 2016-01-22 20:31 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-02-10 15:14 - 2016-01-22 20:10 - 00341200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-02-10 15:14 - 2016-01-22 06:56 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-02-10 15:14 - 2016-01-22 06:41 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-02-10 15:14 - 2016-01-22 06:40 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-02-10 15:14 - 2016-01-22 06:40 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-02-10 15:14 - 2016-01-22 06:40 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-02-10 15:14 - 2016-01-22 06:40 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-02-10 15:14 - 2016-01-22 06:33 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-02-10 15:14 - 2016-01-22 06:32 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-02-10 15:14 - 2016-01-22 06:29 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-02-10 15:14 - 2016-01-22 06:27 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-02-10 15:14 - 2016-01-22 06:27 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-02-10 15:14 - 2016-01-22 06:27 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-02-10 15:14 - 2016-01-22 06:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-02-10 15:14 - 2016-01-22 06:17 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-02-10 15:14 - 2016-01-22 06:09 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 15:14 - 2016-01-22 06:08 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-02-10 15:14 - 2016-01-22 06:05 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-02-10 15:14 - 2016-01-22 06:04 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-02-10 15:14 - 2016-01-22 06:02 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-02-10 15:14 - 2016-01-22 06:02 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-02-10 15:14 - 2016-01-22 06:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-02-10 15:14 - 2016-01-22 06:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-02-10 15:14 - 2016-01-22 06:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-02-10 15:14 - 2016-01-22 06:00 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-02-10 15:14 - 2016-01-22 06:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-02-10 15:14 - 2016-01-22 05:55 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-02-10 15:14 - 2016-01-22 05:55 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-02-10 15:14 - 2016-01-22 05:51 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-02-10 15:14 - 2016-01-22 05:51 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-02-10 15:14 - 2016-01-22 05:50 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-02-10 15:14 - 2016-01-22 05:48 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-02-10 15:14 - 2016-01-22 05:47 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-02-10 15:14 - 2016-01-22 05:46 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-02-10 15:14 - 2016-01-22 05:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-02-10 15:14 - 2016-01-22 05:43 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-02-10 15:14 - 2016-01-22 05:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 15:14 - 2016-01-22 05:38 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-02-10 15:14 - 2016-01-22 05:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-02-10 15:14 - 2016-01-22 05:35 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-02-10 15:14 - 2016-01-22 05:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-02-10 15:14 - 2016-01-22 05:34 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-02-10 15:14 - 2016-01-22 05:33 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-02-10 15:14 - 2016-01-22 05:31 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-02-10 15:14 - 2016-01-22 05:27 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-02-10 15:14 - 2016-01-22 05:25 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-02-10 15:14 - 2016-01-22 05:24 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-02-10 15:14 - 2016-01-22 05:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-02-10 15:14 - 2016-01-22 05:08 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-02-10 15:14 - 2016-01-22 05:07 - 02120704 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-02-10 15:14 - 2016-01-22 05:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-02-10 15:12 - 2016-01-22 06:27 - 05573056 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-02-10 15:12 - 2016-01-22 06:24 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-02-10 15:12 - 2016-01-22 06:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-02-10 15:12 - 2016-01-22 06:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-02-10 15:12 - 2016-01-22 06:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-02-10 15:12 - 2016-01-22 06:15 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-02-10 15:12 - 2016-01-22 06:15 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-02-10 15:12 - 2016-01-22 06:15 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-02-10 15:12 - 2016-01-22 06:13 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-02-10 15:12 - 2016-01-22 06:13 - 03938752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-02-10 15:12 - 2016-01-22 06:12 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-02-10 15:12 - 2016-01-22 06:09 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-02-10 15:12 - 2016-01-22 06:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-02-10 15:12 - 2016-01-22 06:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-02-10 15:12 - 2016-01-16 19:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-02-10 15:12 - 2016-01-16 18:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-02-10 15:12 - 2016-01-11 19:05 - 03169792 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-02-10 15:12 - 2016-01-11 19:05 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-02-10 15:12 - 2016-01-11 19:05 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-02-10 15:12 - 2016-01-11 18:52 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-02-10 15:12 - 2016-01-11 18:47 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-02-10 15:12 - 2016-01-11 18:26 - 02610176 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-02-10 15:12 - 2016-01-11 18:24 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-02-10 15:12 - 2016-01-11 18:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-02-10 15:12 - 2016-01-11 18:23 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-02-10 15:12 - 2016-01-11 18:23 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-02-10 15:12 - 2016-01-11 18:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-02-10 15:12 - 2016-01-11 18:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-02-10 15:12 - 2016-01-11 18:14 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-02-10 15:12 - 2016-01-11 18:14 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-02-10 15:12 - 2016-01-11 18:14 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-02-10 15:12 - 2016-01-11 18:14 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-02-10 15:12 - 2016-01-07 17:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-02-10 15:11 - 2016-01-22 06:27 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-02-10 15:11 - 2016-01-22 06:27 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-02-10 15:11 - 2016-01-22 06:20 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-02-10 15:11 - 2016-01-22 06:20 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-02-10 15:11 - 2016-01-22 06:19 - 14179840 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-02-10 15:11 - 2016-01-22 06:19 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-02-10 15:11 - 2016-01-22 06:19 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-02-10 15:11 - 2016-01-22 06:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-02-10 15:11 - 2016-01-22 06:18 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-02-10 15:11 - 2016-01-22 06:17 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-02-10 15:11 - 2016-01-22 06:17 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-02-10 15:11 - 2016-01-22 06:16 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-02-10 15:11 - 2016-01-22 06:16 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-02-10 15:11 - 2016-01-22 06:16 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-02-10 15:11 - 2016-01-22 06:15 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-02-10 15:11 - 2016-01-22 06:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-02-10 15:11 - 2016-01-22 06:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-02-10 15:11 - 2016-01-22 06:13 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 01940992 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-02-10 15:11 - 2016-01-22 06:06 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-02-10 15:11 - 2016-01-22 06:05 - 12877824 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-02-10 15:11 - 2016-01-22 06:05 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-02-10 15:11 - 2016-01-22 06:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-02-10 15:11 - 2016-01-22 06:02 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-02-10 15:11 - 2016-01-22 06:00 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 05:19 - 03231232 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-02-10 15:11 - 2016-01-22 05:13 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-02-10 15:11 - 2016-01-22 05:12 - 02973184 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-02-10 15:11 - 2016-01-22 05:07 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-02-10 15:11 - 2016-01-22 05:07 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-02-10 15:11 - 2016-01-22 05:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-02-10 15:11 - 2016-01-22 04:59 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-02-10 15:11 - 2016-01-22 04:58 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-02-10 15:11 - 2016-01-22 04:58 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-02-10 15:11 - 2016-01-22 04:57 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-02-10 15:11 - 2016-01-22 04:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-02-10 15:11 - 2016-01-22 04:53 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-02-10 15:11 - 2016-01-22 04:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-02-10 15:11 - 2016-01-22 04:53 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-02-10 15:11 - 2016-01-22 04:53 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-02-10 15:11 - 2016-01-22 04:51 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-02-10 15:11 - 2016-01-22 04:51 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 04:51 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 04:51 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 15:11 - 2016-01-22 04:51 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-05 22:07 - 2016-02-05 22:07 - 00049515 _____ C:\Users\******\Desktop\Vollmacht_Marven-Philipp Wurm z.Hd. Frau Brecht-Kaul.pdf
2016-02-05 17:43 - 2016-02-05 18:07 - 00000000 ____D C:\Users\******\Desktop\BAbe
2016-02-04 08:14 - 2016-02-04 08:47 - 00000000 ____D C:\Users\******\Desktop\fasnet
2016-02-03 17:10 - 2016-02-03 17:10 - 00027309 _____ C:\Users\******\Desktop\Untermietvertrag_Fürstengutweg 7.pdf
2016-01-30 17:32 - 2016-01-30 17:32 - 00245760 _____ C:\Users\******\Desktop\Vorlesung Deutsches und Europäisches Kartellrecht Teil I.ppt
2016-01-29 10:16 - 2016-01-29 10:16 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-01-29 10:16 - 2016-01-29 10:16 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-01-28 10:09 - 2016-01-28 10:09 - 00064731 _____ C:\Users\******\Desktop\Rückantwort Marven Wurm_13.01.2016.pdf
2016-01-28 10:08 - 2016-01-28 10:08 - 00091138 _____ C:\Users\******\Desktop\Antwortschreiben_MCD_13.01.2016.pdf
2016-01-28 10:07 - 2016-01-28 10:07 - 04602291 _____ C:\Users\******\Desktop\Antwortschreiben_MCD_23.01.2016.pdf
2016-01-26 13:10 - 2016-01-26 13:10 - 00151501 _____ C:\Users\******\Desktop\LAG_Hessen_12.11.2015_-_9_TaBV_44_15.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-21 14:58 - 2015-12-08 12:10 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-21 14:46 - 2013-03-29 12:15 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-02-21 14:28 - 2015-06-26 14:35 - 00001232 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002UA.job
2016-02-21 13:33 - 2009-07-14 04:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-21 13:33 - 2009-07-14 04:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-21 12:10 - 2015-12-08 12:11 - 00000000 ___RD C:\Users\******\Google Drive
2016-02-21 12:10 - 2014-11-04 15:40 - 00000000 ___RD C:\Users\******\Dropbox
2016-02-21 12:10 - 2014-11-04 15:39 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox
2016-02-21 11:38 - 2010-09-12 20:06 - 00701576 _____ C:\windows\system32\perfh007.dat
2016-02-21 11:38 - 2010-09-12 20:06 - 00150444 _____ C:\windows\system32\perfc007.dat
2016-02-21 11:38 - 2009-07-14 05:13 - 01620684 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-21 11:38 - 2009-07-14 03:20 - 00000000 ____D C:\windows\inf
2016-02-21 11:32 - 2015-12-08 12:10 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-21 11:32 - 2011-10-18 10:19 - 00000000 ____D C:\Users\******\AppData\LocalLow\AuthenTec
2016-02-21 11:31 - 2010-09-12 20:05 - 00000000 ____D C:\ProgramData\HPQLOG
2016-02-21 11:29 - 2009-07-14 05:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-20 21:37 - 2015-08-04 06:40 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleFor******.job
2016-02-20 21:33 - 2015-02-03 22:21 - 00000000 __SHD C:\Users\******\AppData\Local\EmieUserList
2016-02-20 21:33 - 2015-02-03 22:21 - 00000000 __SHD C:\Users\******\AppData\Local\EmieSiteList
2016-02-20 21:33 - 2015-02-03 22:21 - 00000000 __SHD C:\Users\******\AppData\Local\EmieBrowserModeList
2016-02-20 21:32 - 2014-05-14 19:19 - 00000000 __SHD C:\Users\******\AppData\LocalLow\EmieSiteList
2016-02-20 21:12 - 2011-10-10 22:09 - 00113872 _____ C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-20 21:07 - 2009-07-14 04:45 - 00469504 _____ C:\windows\system32\FNTCACHE.DAT
2016-02-20 20:15 - 2015-02-24 17:24 - 00000000 ____D C:\Program Files (x86)\WarThunder
2016-02-20 20:15 - 2012-03-25 18:44 - 00000000 ____D C:\Users\******\Documents\My Games
2016-02-20 20:14 - 2009-07-14 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-20 20:13 - 2012-03-25 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-02-20 20:13 - 2012-03-25 18:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2016-02-20 20:12 - 2010-09-12 20:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-20 20:11 - 2015-03-31 16:06 - 00000000 ____D C:\ProgramData\ZDSupport
2016-02-18 14:19 - 2012-01-17 17:26 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2016-02-18 10:44 - 2013-05-10 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-18 10:43 - 2013-03-27 15:12 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-02-18 09:28 - 2015-06-26 14:35 - 00001180 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002Core.job
2016-02-17 20:30 - 2014-08-16 04:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-17 09:30 - 2010-09-12 20:05 - 00000000 ____D C:\ProgramData\PDFC
2016-02-16 12:28 - 2014-11-03 18:41 - 00000000 _____ C:\AILog.txt
2016-02-14 15:49 - 2014-02-27 22:24 - 01598708 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-02-13 12:56 - 2012-10-13 16:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-11 08:43 - 2011-10-10 22:10 - 00000000 ___RD C:\Users\******\Virtual Machines
2016-02-11 08:37 - 2014-12-11 09:50 - 00000000 ____D C:\windows\system32\appraiser
2016-02-11 08:37 - 2014-05-06 07:20 - 00000000 ___SD C:\windows\system32\CompatTel
2016-02-11 08:37 - 2009-07-27 14:36 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:24 - 2009-07-14 02:34 - 00000478 _____ C:\windows\win.ini
2016-02-09 20:46 - 2013-03-29 12:15 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 20:46 - 2012-05-24 12:13 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-02-09 20:46 - 2011-10-12 16:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-06 21:37 - 2015-08-04 06:40 - 00003198 _____ C:\windows\System32\Tasks\HPCeeScheduleFor******
2016-02-05 18:06 - 2015-07-10 21:20 - 00000000 ____D C:\Users\******\Desktop\sortieren
2016-02-02 16:53 - 2015-12-08 12:10 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 16:53 - 2015-12-08 12:10 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-29 10:17 - 2015-12-08 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-26 18:33 - 2012-01-23 11:32 - 00000000 ____D C:\Users\******\Desktop\Database
2016-01-25 10:31 - 2016-01-14 11:23 - 00000000 ____D C:\Users\******\Desktop\Berwerbungsbilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-10-18 17:24 - 2012-10-18 17:24 - 0003584 _____ () C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-05 15:26 - 2015-03-05 15:26 - 0016768 _____ () C:\Users\******\AppData\Local\recently-used.xbel
2011-10-11 11:03 - 2011-10-11 11:03 - 0017408 _____ () C:\Users\******\AppData\Local\WebpageIcons.db

Einige Dateien in TEMP:
====================
C:\Users\******\AppData\Local\Temp\avgnt.exe
C:\Users\******\AppData\Local\Temp\UninstallSer.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-08 13:19

==================== Ende von FRST.txt ============================
         

Alt 21.02.2016, 15:26   #4
GSR-Wurm
 
Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-02-2016
durchgeführt von ****** (2016-02-21 15:20:57)
Gestartet von C:\Users\******\Desktop
Windows 7 Professional Service Pack 1 0(X64) (2011-10-10 21:59:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1485572930-606236203-3537335217-500 - Administrator - Disabled)
Gast (S-1-5-21-1485572930-606236203-3537335217-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1485572930-606236203-3537335217-1006 - Limited - Enabled)
****** (S-1-5-21-1485572930-606236203-3537335217-1002 - Administrator - Enabled) => C:\Users\******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivClient x64 (HKLM\...\{86E45973-5352-439F-A115-2E8EE4D40140}) (Version: 6.2 - ActivIdentity)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bodenseeschifferpatent A + D (HKLM-x32\...\{E61CBD08-7BEE-4C54-AF44-D129874232F4}) (Version: 2.4.1.0 - Manuel Frey)
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
ClipGrab 3.4.9 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.6 - Hewlett-Packard)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.3 - Hewlett-Packard)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{8F258628-2E18-4C2E-8127-EF4EFAF5F75C}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{DE637160-7A1C-4F73-B1AB-4300AE2C2DDE}) (Version: 3.1.3 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{4054365C-8CD6-4F08-A2F9-44CADFD7A9D0}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{91265FED-244B-4DAF-A8E5-EA386209169C}) (Version: 4.0.20.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3C33FD2E-6B21-4CD3-B41A-A7331D467617}) (Version: 1.0.6.0 - Hewlett-Packard)
HP Power Data (HKLM\...\{42DBA167-C25D-49CE-BBAF-DEC25E737DA8}) (Version: 1.0.21.158 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.13.766 - Hewlett-Packard Company)
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.4 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F4877}) (Version: 1.0.1.62 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SimplePass 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{18F4179A-385F-40EE-AE2D-FA0E1BE62753}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1485572930-606236203-3537335217-1002\...\MyFreeCodec) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
pptPlex from Microsoft Office Labs (HKLM-x32\...\{4FCAA65E-086D-4D49-A292-A5E764667263}) (Version: 1.1.3.4 - Microsoft Office Labs)
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{46DD6CB5-C129-40A5-9427-2E67A400888E}) (Version: 1.1.130 - QUALCOMM)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.21 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.21 - Hewlett-Packard) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\7E38E30BB92ED94B21CF062A7386554CBA991FEB) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Winmail Opener 1.4 (HKLM-x32\...\Winmail Opener) (Version: 1.4 - Eolsoft)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9055 - WinZip Computing, S.L. )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1485572930-606236203-3537335217-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06B604F5-DCA9-41B4-AB92-560EAA8F1A9F} - System32\Tasks\{8EFE7386-75FE-4E50-B822-A2C460FA235A} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/abandoninstall?page=tsProgressBar
Task: {10E547AD-3FDA-4640-9F60-038FB5BE969E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {122711D6-3935-4884-A45D-18D32ACC1A64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {29D8E19A-4D96-494B-BEB8-B16D7CD2717E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {39878197-C636-49D7-9036-363347C9B333} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {5187D635-42B5-4FEA-B935-BB99255755DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002Core => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {51C4F2D4-5DF7-4A48-97C1-E78B01F10DC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-08] (Google Inc.)
Task: {7A346855-F329-460B-B6A2-2048FF2F2D88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {84CCDB7E-7CC4-4D52-8F30-AE43B5588CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-08] (Google Inc.)
Task: {9F2B393F-8981-4CB3-8854-6EF901230C1A} - System32\Tasks\{B808F39D-FB21-4931-BDFD-5E0EE708F3E9} => pcalua.exe -a "C:\Users\******\Downloads\lw564(1).exe" -d "C:\Users\******\Downloads"
Task: {A3210406-687A-43CB-9096-55733FC8E470} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {B8762FAE-116B-483B-B165-93B982F2F964} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002UA => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {CEC3062A-762F-41DA-9963-E379C21ECD20} - System32\Tasks\HPCeeScheduleFor****** => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {E18558B6-1EF9-4ACD-9A3F-95CDF6D4D68F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17] (Adobe Systems Incorporated)
Task: {E231F5D1-1B27-43A9-9D26-C03093CA3007} - System32\Tasks\{6D986F0C-72A1-42F9-9287-B3BCDAD237AB} => pcalua.exe -a "C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myinx.exe" -c /Script=C:\Program Files (x86)\McAfee\Managed VirusScan\Firewall\mvsFirewall.Inx /Section=DefaultUninstall
Task: {E4DD501B-74DE-4A94-872E-BE2078CE259C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002Core.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1485572930-606236203-3537335217-1002UA.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleFor******.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-04-20 06:10 - 2010-04-20 06:10 - 00100352 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-11-09 17:38 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-04-05 18:15 - 2010-04-05 18:15 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-04-05 18:15 - 2010-04-05 18:15 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-04-05 18:15 - 2010-04-05 18:15 - 00055352 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2013-08-25 13:41 - 2013-08-25 13:41 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-04-05 18:12 - 2010-04-05 18:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-12-08 19:25 - 2015-12-08 19:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-03-13 02:27 - 2010-03-13 02:27 - 00168280 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMBIOSController.dll
2010-02-22 18:19 - 2010-02-22 18:19 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-02-22 18:19 - 2010-02-22 18:19 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-02-22 18:19 - 2010-02-22 18:19 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2015-12-11 13:29 - 2016-01-12 18:44 - 00034768 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-19 18:13 - 2016-01-12 18:45 - 00019408 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00116688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 13:29 - 2016-01-12 18:44 - 00093640 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00018376 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00019760 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00105928 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00392144 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 13:29 - 2016-02-16 18:39 - 00381752 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00692688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-19 18:13 - 2016-02-16 18:38 - 00020816 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 13:29 - 2016-01-12 18:45 - 00112592 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-19 18:13 - 2016-02-16 18:38 - 01682760 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-19 18:13 - 2016-02-16 18:38 - 00020808 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00020800 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00021840 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00038696 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00020936 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00024528 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00114640 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00124880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00021832 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00175560 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00030160 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00043472 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00028616 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00048592 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00026456 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-11 13:29 - 2016-01-12 18:46 - 00057808 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-19 18:13 - 2016-02-16 18:38 - 00117056 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00024392 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-19 18:13 - 2016-01-12 18:47 - 00036296 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 13:29 - 2016-02-16 18:39 - 00023376 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00134608 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 13:29 - 2016-01-12 18:44 - 00134088 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-19 18:13 - 2016-01-12 18:45 - 00240584 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00052024 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00020800 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00021824 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00019776 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00020800 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-19 18:13 - 2016-02-16 18:38 - 00020280 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 13:29 - 2016-01-12 18:47 - 00350152 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00022352 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00084792 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 13:29 - 2016-02-16 18:39 - 01826096 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 13:29 - 2016-01-12 18:45 - 00083912 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 03928880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 01971504 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00531248 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00132912 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00223544 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00207672 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00158008 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-19 18:13 - 2016-02-16 18:39 - 00042808 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-19 18:13 - 2016-01-12 18:49 - 00017864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-19 18:13 - 2016-01-12 18:49 - 01631184 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-11 13:29 - 2016-02-16 18:39 - 00024904 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00546096 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 13:29 - 2016-02-16 18:39 - 00357680 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 21:45 - 2016-01-12 18:52 - 00697304 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00602624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.UI.ViewModel.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00355328 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Application.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 00130048 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP.ShinyNoire.UI.dll
2010-03-13 02:27 - 2010-03-13 02:27 - 00136040 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.SharedUI.WPF.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 00015360 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Resources.WPF.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 00014848 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.Resources.WPF.resources.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 01601536 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\en-US\HP.ShinyNoire.UI.resources.dll
2010-03-13 02:26 - 2010-03-13 02:26 - 00311296 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.SharedUI.WPF.resources.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 00483328 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\en-US\SmithMicro.Resources.WPF.resources.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00059904 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.UI.Models.dll
2010-03-13 02:26 - 2010-03-13 02:26 - 00195584 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.WwanDiagnostics.dll
2010-03-13 02:24 - 2010-03-13 02:24 - 00573440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Message.XmlSerializers.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00045056 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SmithMicro.Application.XmlSerializers.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00005120 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.Application.resources.dll
2010-03-13 02:25 - 2010-03-13 02:25 - 00015872 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\de\SmithMicro.UI.ViewModel.resources.dll
2016-02-21 11:32 - 2016-02-21 11:32 - 00098816 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32api.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00110080 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\pywintypes27.dll
2016-02-21 11:32 - 2016-02-21 11:32 - 00364544 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\pythoncom27.dll
2016-02-21 11:32 - 2016-02-21 11:32 - 00320512 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32com.shell.shell.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00776704 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_hashlib.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 01176576 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._core_.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00806400 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._gdi_.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00816128 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._windows_.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 01067008 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._controls_.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00733184 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._misc_.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00682496 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\pysqlite2._sqlite.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00088064 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_ctypes.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00119808 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32file.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00108544 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32security.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00007168 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\hashobjs_ext.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00017920 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\thumbnails_ext.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00088064 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\usb_ext.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00167936 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32gui.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00018432 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32event.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00046080 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_socket.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 01208320 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_ssl.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00128512 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_elementtree.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00127488 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\pyexpat.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00013824 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\common.time34.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00036864 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_psutil_windows.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00038912 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32inet.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00525240 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\windows._lib_cacheinvalidation.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00011264 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32crypt.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00077312 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._html2.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00027136 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_multiprocessing.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00020480 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\_yappi.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00035840 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32process.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00686080 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\unicodedata.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00078848 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._animate.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00123392 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\wx._wizard.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00024064 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32pipe.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00010240 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\select.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00025600 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32pdh.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00017408 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32profile.pyd
2016-02-21 11:32 - 2016-02-21 11:32 - 00022528 _____ () C:\Users\ME062~1.WUR\AppData\Local\Temp\_MEI13602\win32ts.pyd
2010-02-10 01:58 - 2010-02-10 01:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-10 01:58 - 2010-02-10 01:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2016-02-17 19:29 - 2015-12-15 05:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-17 19:29 - 2015-07-03 16:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-17 19:29 - 2015-07-03 16:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-17 19:29 - 2015-07-03 16:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-17 19:29 - 2016-02-04 21:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-17 19:29 - 2015-09-24 00:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-17 19:29 - 2015-09-24 00:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-17 19:29 - 2015-09-24 00:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-17 19:29 - 2015-09-24 00:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-17 19:29 - 2015-09-24 00:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-17 19:29 - 2016-02-04 21:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-17 19:29 - 2015-12-30 01:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-02-17 19:29 - 2016-01-06 01:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 02:34 - 2015-02-05 07:30 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1485572930-606236203-3537335217-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.244.128.44 - 77.244.128.45
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: HP Connection Manager.exe => "C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe"
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A5CD99CF-4C3C-49B6-B85C-C88C19CDA697}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{9D9AA013-4CB5-4108-8441-EFE4574E24E9}] => (Allow) C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{6309EBD2-215C-4219-88B2-DC5726F5E952}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0902E5FF-EEAE-4998-AFE8-A5338FE7274C}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [{5C2C9B18-AE4E-454E-B916-80F73F10DC27}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [TCP Query User{CFBCA724-F87D-4E91-A016-5B2C0ADECDB5}C:\program files (x86)\microsoft games\halo\halo.exe] => (Block) C:\program files (x86)\microsoft games\halo\halo.exe
FirewallRules: [UDP Query User{54DA65C5-8FCD-41A3-BDDE-83A99426CF87}C:\program files (x86)\microsoft games\halo\halo.exe] => (Block) C:\program files (x86)\microsoft games\halo\halo.exe
FirewallRules: [TCP Query User{551DF9D7-A87D-462D-8150-D78960DC41FF}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{D0C2FEB7-9C0F-41FB-A639-A887F3633B41}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{E5067449-C685-47AB-9621-7147B1B896CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9BFF95C-DCF7-40FD-9C75-815EA8133EFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1133EFCC-155D-4FAE-856E-2FC3E9B42FA6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{6444C227-390A-4370-9F88-B1F85C1564D8}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{9D7A79DB-7642-4533-B80D-66AA524FE983}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{3FB5E4A9-F783-4AAB-81F3-AB2D595C10F5}] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F34AE878-002D-4635-B485-2F53578F5A9F}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{D7881EA7-64EC-4608-857C-FA3E8B29C1EC}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{EFA88CA9-8BD2-48A5-86C2-6D5AAACA2483}C:\program files (x86)\ea games\command and conquer generäle\patchget.dat] => (Allow) C:\program files (x86)\ea games\command and conquer generäle\patchget.dat
FirewallRules: [UDP Query User{40E78A96-DECF-4E03-ABB6-FEA124626C0A}C:\program files (x86)\ea games\command and conquer generäle\patchget.dat] => (Allow) C:\program files (x86)\ea games\command and conquer generäle\patchget.dat
FirewallRules: [TCP Query User{AFAF4864-8806-422F-98D4-FBDF7C2DBBCD}C:\users\******\appdata\local\temp\rarsfx0\hl.exe] => (Block) C:\users\******\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [UDP Query User{1A32BE3B-F694-443E-A359-7A9E5B96BD90}C:\users\******\appdata\local\temp\rarsfx0\hl.exe] => (Block) C:\users\******\appdata\local\temp\rarsfx0\hl.exe
FirewallRules: [TCP Query User{B47A40D7-D011-4564-97C0-C44A6E8816AE}C:\users\******\appdata\local\temp\rarsfx1\hl.exe] => (Block) C:\users\******\appdata\local\temp\rarsfx1\hl.exe
FirewallRules: [UDP Query User{629A4853-BDB2-4143-A756-B170BB3BA890}C:\users\******\appdata\local\temp\rarsfx1\hl.exe] => (Block) C:\users\******\appdata\local\temp\rarsfx1\hl.exe
FirewallRules: [TCP Query User{25DB68D6-B09C-41D9-9E97-E2160C7A1D08}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe
FirewallRules: [UDP Query User{59A459B3-BF09-4EDB-8A9D-80B4B5048E42}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe
FirewallRules: [{B2457AE0-889E-48FE-A697-560F486BC208}] => (Allow) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BE93342D-E491-4F55-9219-E4FD7DD3CE5B}] => (Allow) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{572CA731-E526-4D11-B411-74110E48EA7F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{96D394ED-0D6B-4319-BD4D-7DC6AF018913}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E1570BB7-9B77-4A4A-B4A1-112CF1E5A079}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D73EECD1-26BE-42E2-A7E7-E72906F86C09}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE9A7AFB-20A8-4B77-BE4C-47F8FC121964}] => (Allow) LPort=80
FirewallRules: [{113A2C58-2A9C-4731-B64C-9D494B8CC0AD}] => (Allow) LPort=443
FirewallRules: [{E0C4F113-1471-47ED-854D-54AF6E91BA0C}] => (Allow) LPort=20010
FirewallRules: [{2A9D45BE-2F59-4AA7-8C51-E822583A1203}] => (Allow) LPort=3478
FirewallRules: [{E9C84EC9-0F41-43BE-AC1A-391A5A4D3427}] => (Allow) LPort=7850
FirewallRules: [{A2EDABF1-DBA1-4B6A-898A-CDCE7DE7CBE5}] => (Allow) LPort=7852
FirewallRules: [{F9AD8179-2602-4F48-8513-500B89EDF753}] => (Allow) LPort=7853
FirewallRules: [{D8572F4C-09B7-4888-8485-B349AF1FF1F7}] => (Allow) LPort=27022
FirewallRules: [{3FE1A6EC-FA8A-414D-AB37-ED7323D43896}] => (Allow) LPort=6881
FirewallRules: [{1C016485-F632-430A-AEBF-8A01412E0029}] => (Allow) LPort=33333
FirewallRules: [{CC240D85-8F0D-40CF-B5D1-EB71705B9855}] => (Allow) LPort=20443
FirewallRules: [{11130807-1EDC-4CD0-AD00-B29DD01D7543}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{3AF63E2E-C515-4EDA-934E-C799810F048C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{96BC52BC-2CD0-42B1-B38A-8DFB36D4AC91}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{60F3AC8E-6A55-4C39-9DB1-D7DA8F089A03}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC287E2E-E865-4A22-9C48-D66EA233D48C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{935FF961-7708-4155-A094-3F24148F3429}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{916C4A41-2888-4E3E-9142-8AD406A5086D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{11A1EBCA-BAA6-4933-BE90-2567932DD4C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{B00CABA4-36F2-4056-9C30-3212830D4C38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/20/2016 09:08:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (02/20/2016 09:08:57 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:57 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/20/2016 09:08:57 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:57 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/20/2016 09:08:57 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (02/20/2016 09:08:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3888) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000D2.log.


Systemfehler:
=============
Error: (02/21/2016 03:17:45 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/21/2016 11:35:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP Support Solutions Framework Service" wurde nicht richtig gestartet.

Error: (02/21/2016 11:30:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Software Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/21/2016 11:30:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP Software Framework Service erreicht.

Error: (02/20/2016 09:36:50 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{3B36CFB7-5F47-4A7B-AAF3-4F078FE6A2E8} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (02/20/2016 09:33:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/20/2016 09:33:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/20/2016 09:17:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (02/20/2016 09:14:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP Support Solutions Framework Service" wurde nicht richtig gestartet.

Error: (02/20/2016 09:08:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-02-05 07:24:59.602
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-05 07:24:59.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-22 15:29:28.777
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 15:29:28.777
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 15:29:28.777
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 15:29:28.767
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 15:29:28.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 15:29:28.757
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 11:01:41.627
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-22 11:01:41.617
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 7983.43 MB
Verfügbarer physikalischer RAM: 4854.78 MB
Summe virtueller Speicher: 15965.07 MB
Verfügbarer virtueller Speicher: 11985 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:280.79 GB) (Free:48.43 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8C949010)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

Alt 21.02.2016, 15:46   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 

Hi,

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 21.02.2016, 15:59   #6
GSR-Wurm
 

TDSSKiller Logfile 1:

Code:
15:54:39.0302 0x0fc0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:54:44.0660 0x0fc0  ============================================================
15:54:44.0660 0x0fc0  Current date / time: 2016/02/21 15:54:44.0660
15:54:44.0660 0x0fc0  SystemInfo:
15:54:44.0660 0x0fc0  
15:54:44.0660 0x0fc0  OS Version: 6.1.7601 ServicePack: 1.0
15:54:44.0660 0x0fc0  Product type: Workstation
15:54:44.0661 0x0fc0  ComputerName: *******-HP
15:54:44.0661 0x0fc0  UserName: *******
15:54:44.0661 0x0fc0  Windows directory: C:\windows
15:54:44.0661 0x0fc0  System windows directory: C:\windows
15:54:44.0661 0x0fc0  Running under WOW64
15:54:44.0661 0x0fc0  Processor architecture: Intel x64
15:54:44.0661 0x0fc0  Number of processors: 4
15:54:44.0661 0x0fc0  Page size: 0x1000
15:54:44.0661 0x0fc0  Boot type: Normal boot
15:54:44.0661 0x0fc0  ============================================================
15:54:44.0858 0x0fc0  KLMD registered as C:\windows\system32\drivers\95750812.sys
15:54:45.0282 0x0fc0  System UUID: {5D93846A-EB50-3207-5360-8776037F0A53}
15:54:45.0911 0x0fc0  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:54:45.0917 0x0fc0  ============================================================
15:54:45.0917 0x0fc0  \Device\Harddisk0\DR0:
15:54:45.0917 0x0fc0  MBR partitions:
15:54:45.0917 0x0fc0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
15:54:45.0917 0x0fc0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23197000
15:54:45.0917 0x0fc0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322D800, BlocksNum 0x1E00000
15:54:45.0917 0x0fc0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502D800, BlocksNum 0x3FD800
15:54:45.0917 0x0fc0  ============================================================
15:54:45.0994 0x0fc0  C: <-> \Device\Harddisk0\DR0\Partition2
15:54:46.0022 0x0fc0  F: <-> \Device\Harddisk0\DR0\Partition4
15:54:46.0022 0x0fc0  ============================================================
15:54:46.0022 0x0fc0  Initialize success
15:54:46.0022 0x0fc0  ============================================================
15:55:18.0937 0x1b28  ============================================================
15:55:18.0937 0x1b28  Scan started
15:55:18.0937 0x1b28  Mode: Manual; SigCheck; TDLFS; 
15:55:18.0937 0x1b28  ============================================================
15:55:18.0937 0x1b28  KSN ping started
15:55:21.0672 0x1b28  KSN ping finished: true
15:55:23.0359 0x1b28  ================ Scan system memory ========================
15:55:23.0359 0x1b28  System memory - ok
15:55:23.0359 0x1b28  ================ Scan services =============================
15:55:23.0726 0x1b28  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
15:55:23.0795 0x1b28  1394ohci - ok
15:55:23.0952 0x1b28  [ 5E8EFEB338DEB1F485420B090FE6C85E, 1F80E36F10A9F3B25D218B903CB0045F3EE0796D9E73A7744C414CA7ECF0EF51 ] ac.sharedstore  C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
15:55:23.0971 0x1b28  ac.sharedstore - ok
15:55:24.0028 0x1b28  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\windows\system32\DRIVERS\Accelerometer.sys
15:55:24.0043 0x1b28  Accelerometer - ok
15:55:24.0098 0x1b28  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
15:55:24.0119 0x1b28  ACPI - ok
15:55:24.0240 0x1b28  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
15:55:24.0271 0x1b28  AcpiPmi - ok
15:55:24.0450 0x1b28  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:55:24.0463 0x1b28  AdobeARMservice - ok
15:55:24.0625 0x1b28  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:55:24.0642 0x1b28  AdobeFlashPlayerUpdateSvc - ok
15:55:24.0750 0x1b28  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
15:55:24.0775 0x1b28  adp94xx - ok
15:55:24.0897 0x1b28  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
15:55:24.0916 0x1b28  adpahci - ok
15:55:24.0964 0x1b28  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
15:55:24.0979 0x1b28  adpu320 - ok
15:55:25.0030 0x1b28  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
15:55:25.0044 0x1b28  AeLookupSvc - ok
15:55:25.0188 0x1b28  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
15:55:25.0220 0x1b28  AESTFilters - ok
15:55:25.0316 0x1b28  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\windows\system32\drivers\afd.sys
15:55:25.0358 0x1b28  AFD - ok
15:55:25.0463 0x1b28  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
15:55:25.0475 0x1b28  AgereModemAudio - ok
15:55:25.0559 0x1b28  [ A6AB6F0ACE87DA76B4C401813D18BE95, 6AE72E0F07DF2164A3198E14A6AE7E15F0B8EB467D2D68960A006E360DBBA891 ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
15:55:25.0609 0x1b28  AgereSoftModem - ok
15:55:25.0688 0x1b28  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
15:55:25.0703 0x1b28  agp440 - ok
15:55:25.0789 0x1b28  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
15:55:25.0805 0x1b28  ALG - ok
15:55:25.0840 0x1b28  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
15:55:25.0852 0x1b28  aliide - ok
15:55:25.0930 0x1b28  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
15:55:25.0941 0x1b28  amdide - ok
15:55:26.0046 0x1b28  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
15:55:26.0063 0x1b28  AmdK8 - ok
15:55:26.0087 0x1b28  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
15:55:26.0103 0x1b28  AmdPPM - ok
15:55:26.0306 0x1b28  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
15:55:26.0325 0x1b28  amdsata - ok
15:55:26.0356 0x1b28  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
15:55:26.0371 0x1b28  amdsbs - ok
15:55:26.0415 0x1b28  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
15:55:26.0428 0x1b28  amdxata - ok
15:55:26.0619 0x1b28  [ 4258991B9E25540D35C7C8234D4FE1D8, CB4E100E30626A02FE59CA7CAEE187B6B03BA531931B1D132E88C0638BCE6B7A ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:55:26.0659 0x1b28  AntiVirMailService - ok
15:55:26.0725 0x1b28  [ B72014AB9465B84D82AD324DBC4A77EF, 905E922839BDE1FBA26DCC8F48361DC08BD51CC42BCF0904FAB99D2C34027239 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:55:26.0750 0x1b28  AntiVirSchedulerService - ok
15:55:26.0815 0x1b28  [ B72014AB9465B84D82AD324DBC4A77EF, 905E922839BDE1FBA26DCC8F48361DC08BD51CC42BCF0904FAB99D2C34027239 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:55:26.0837 0x1b28  AntiVirService - ok
15:55:26.0920 0x1b28  [ FD20E4FC7D4E7BEBA088387DCE991865, F9EE69774C92F71BDE1D40671EAE5630273CA632BA1E996B00758527D0D75F3D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
15:55:26.0976 0x1b28  AntiVirWebService - ok
15:55:27.0048 0x1b28  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\windows\system32\drivers\appid.sys
15:55:27.0063 0x1b28  AppID - ok
15:55:27.0076 0x1b28  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\windows\System32\appidsvc.dll
15:55:27.0090 0x1b28  AppIDSvc - ok
15:55:27.0129 0x1b28  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\windows\System32\appinfo.dll
15:55:27.0147 0x1b28  Appinfo - ok
15:55:27.0234 0x1b28  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\windows\System32\appmgmts.dll
15:55:27.0250 0x1b28  AppMgmt - ok
15:55:27.0288 0x1b28  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
15:55:27.0300 0x1b28  arc - ok
15:55:27.0346 0x1b28  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
15:55:27.0359 0x1b28  arcsas - ok
15:55:27.0499 0x1b28  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:55:27.0512 0x1b28  aspnet_state - ok
15:55:27.0569 0x1b28  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
15:55:27.0605 0x1b28  AsyncMac - ok
15:55:27.0639 0x1b28  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
15:55:27.0654 0x1b28  atapi - ok
15:55:27.0764 0x1b28  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:55:27.0799 0x1b28  AudioEndpointBuilder - ok
15:55:27.0823 0x1b28  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
15:55:27.0854 0x1b28  AudioSrv - ok
15:55:27.0994 0x1b28  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
15:55:28.0023 0x1b28  avgntflt - ok
15:55:28.0095 0x1b28  [ 6BA8ADBDF2A492A75DA81868C32F67BD, 56CB3A0647DACA414D5A65D4701443604E573F41FEE79349D88D558C6336453A ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
15:55:28.0112 0x1b28  avipbb - ok
15:55:28.0238 0x1b28  [ DFF7C7E8DB2A8F520BF0550AAD17FF99, 350E4E41E3932B155C93A061B7209645969FD6EE597CF5BBF4BBF7AB0EBBB7FD ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:55:28.0281 0x1b28  Avira.ServiceHost - ok
15:55:28.0330 0x1b28  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
15:55:28.0342 0x1b28  avkmgr - ok
15:55:28.0414 0x1b28  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\windows\system32\DRIVERS\avnetflt.sys
15:55:28.0428 0x1b28  avnetflt - ok
15:55:28.0504 0x1b28  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
15:55:28.0533 0x1b28  AxInstSV - ok
15:55:28.0601 0x1b28  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
15:55:28.0651 0x1b28  b06bdrv - ok
15:55:28.0698 0x1b28  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
15:55:28.0725 0x1b28  b57nd60a - ok
15:55:28.0825 0x1b28  [ C44E843E1A4DA2C53D08E28440B11AA4, 63B35F3A213CA5FF028F8BC9A6F48262BD9CF4A5448184855420EE375463E241 ] BCM42RLY        C:\windows\system32\drivers\BCM42RLY.sys
15:55:28.0837 0x1b28  BCM42RLY - ok
15:55:29.0291 0x1b28  [ DDAA62D4BDC6C23D06EAB2A475BB9BFB, 4B9BEEAD1B33B6BB2F389E051A105E884CC952CFED648134DC58A35FD036F51E ] BCM43XX         C:\windows\system32\DRIVERS\bcmwl664.sys
15:55:29.0458 0x1b28  BCM43XX - ok
15:55:29.0590 0x1b28  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
15:55:29.0605 0x1b28  BDESVC - ok
15:55:29.0666 0x1b28  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
15:55:29.0705 0x1b28  Beep - ok
15:55:29.0824 0x1b28  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
15:55:29.0862 0x1b28  BFE - ok
15:55:29.0936 0x1b28  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
15:55:30.0043 0x1b28  BITS - ok
15:55:30.0127 0x1b28  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
15:55:30.0141 0x1b28  blbdrive - ok
15:55:30.0176 0x1b28  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
15:55:30.0237 0x1b28  bowser - ok
15:55:30.0327 0x1b28  BRDriver64_1_3_3_E02B25FC - ok
15:55:30.0353 0x1b28  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
15:55:30.0382 0x1b28  BrFiltLo - ok
15:55:30.0444 0x1b28  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
15:55:30.0460 0x1b28  BrFiltUp - ok
15:55:30.0615 0x1b28  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
15:55:30.0657 0x1b28  BridgeMP - ok
15:55:30.0768 0x1b28  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
15:55:30.0786 0x1b28  Browser - ok
15:55:30.0818 0x1b28  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
15:55:30.0847 0x1b28  Brserid - ok
15:55:30.0863 0x1b28  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
15:55:30.0878 0x1b28  BrSerWdm - ok
15:55:30.0964 0x1b28  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
15:55:30.0985 0x1b28  BRSptStub - ok
15:55:31.0049 0x1b28  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
15:55:31.0064 0x1b28  BrUsbMdm - ok
15:55:31.0100 0x1b28  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
15:55:31.0113 0x1b28  BrUsbSer - ok
15:55:31.0178 0x1b28  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
15:55:31.0197 0x1b28  BthEnum - ok
15:55:31.0298 0x1b28  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
15:55:31.0316 0x1b28  BTHMODEM - ok
15:55:31.0412 0x1b28  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
15:55:31.0431 0x1b28  BthPan - ok
15:55:31.0469 0x1b28  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
15:55:31.0510 0x1b28  BTHPORT - ok
15:55:31.0545 0x1b28  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
15:55:31.0595 0x1b28  bthserv - ok
15:55:31.0651 0x1b28  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
15:55:31.0667 0x1b28  BTHUSB - ok
15:55:31.0765 0x1b28  [ AF838D8029AE7C27470862D63FA54D24, 96247094D2446CEE594AD765B98DE8583762A96FE83223CB18B4CDB3A4958376 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys
15:55:31.0777 0x1b28  btwaudio - ok
15:55:31.0813 0x1b28  [ 5C849BD7C78791C5CEE9F4651D7FE38D, BC93A1B911FB4A44EC4DB64AF9AFC6F2013CD76BFB6FA9E4834CFDAAAF4BCD9F ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys
15:55:31.0829 0x1b28  btwavdt - ok
15:55:31.0900 0x1b28  [ 10FFB5FA51D5713D872B41A59DFC2213, E0C0EA99C862E3FCE4D121BB34DEC00E74A371DF4093A44055E70E9F4CFA3DC6 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:55:31.0935 0x1b28  btwdins - ok
15:55:31.0981 0x1b28  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys
15:55:31.0992 0x1b28  btwl2cap - ok
15:55:32.0019 0x1b28  [ 3E1991AFA851A36DC978B0A1B0535C8B, F55F7FDDD2A71532F163E4F14B26A09DCDB7C970E806D803418D4CE0DFF09FB6 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys
15:55:32.0029 0x1b28  btwrchid - ok
15:55:32.0041 0x1b28  catchme - ok
15:55:32.0089 0x1b28  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
15:55:32.0133 0x1b28  cdfs - ok
15:55:32.0239 0x1b28  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
15:55:32.0254 0x1b28  cdrom - ok
15:55:32.0320 0x1b28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
15:55:32.0363 0x1b28  CertPropSvc - ok
15:55:32.0411 0x1b28  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
15:55:32.0429 0x1b28  circlass - ok
15:55:32.0500 0x1b28  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
15:55:32.0522 0x1b28  CLFS - ok
15:55:32.0590 0x1b28  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:55:32.0601 0x1b28  clr_optimization_v2.0.50727_32 - ok
15:55:32.0657 0x1b28  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:55:32.0669 0x1b28  clr_optimization_v2.0.50727_64 - ok
15:55:32.0771 0x1b28  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:55:32.0788 0x1b28  clr_optimization_v4.0.30319_32 - ok
15:55:32.0820 0x1b28  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:55:32.0822 0x1d3c  Object required for P2P: [ DFF7C7E8DB2A8F520BF0550AAD17FF99 ] Avira.ServiceHost
15:55:32.0838 0x1b28  clr_optimization_v4.0.30319_64 - ok
15:55:32.0940 0x1b28  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
15:55:32.0956 0x1b28  CmBatt - ok
15:55:32.0987 0x1b28  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
15:55:33.0000 0x1b28  cmdide - ok
15:55:33.0054 0x1b28  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\windows\system32\Drivers\cng.sys
15:55:33.0084 0x1b28  CNG - ok
15:55:33.0109 0x1b28  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
15:55:33.0121 0x1b28  Compbatt - ok
15:55:33.0212 0x1b28  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
15:55:33.0236 0x1b28  CompositeBus - ok
15:55:33.0244 0x1b28  COMSysApp - ok
15:55:33.0261 0x1b28  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
15:55:33.0275 0x1b28  crcdisk - ok
15:55:33.0350 0x1b28  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
15:55:33.0369 0x1b28  CryptSvc - ok
15:55:33.0432 0x1b28  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\windows\system32\drivers\csc.sys
15:55:33.0479 0x1b28  CSC - ok
15:55:33.0549 0x1b28  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll
15:55:33.0580 0x1b28  CscService - ok
15:55:33.0684 0x1b28  [ A8BA4DA23AC20BDA23CA15234D42A3FA, 951C59CD83F7D931EFE68CC950602834187E2225B11261C92F9E0DC0A6F5F544 ] DAMDrv          C:\windows\system32\DRIVERS\DAMDrv64.sys
15:55:33.0697 0x1b28  DAMDrv - ok
15:55:33.0742 0x1b28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
15:55:33.0816 0x1b28  DcomLaunch - ok
15:55:33.0876 0x1b28  [ E6E9610D76418357A7EC725989687CB4, 20C4DBACED35221F9B43284B82A5B203A822FBF1B4FAB0701AB3730E508B9892 ] DEBridge        c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
15:55:33.0901 0x1b28  DEBridge - detected UnsignedFile.Multi.Generic ( 1 )
15:55:35.0296 0x1d3c  Object send P2P result: true
15:55:36.0371 0x1b28  Detect skipped due to KSN trusted
15:55:36.0371 0x1b28  DEBridge - ok
15:55:36.0427 0x1b28  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
15:55:36.0484 0x1b28  defragsvc - ok
15:55:36.0575 0x1b28  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
15:55:36.0618 0x1b28  DfsC - ok
15:55:36.0681 0x1b28  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
15:55:36.0696 0x1b28  dg_ssudbus - ok
15:55:36.0763 0x1b28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
15:55:36.0838 0x1b28  Dhcp - ok
15:55:36.0958 0x1b28  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\windows\system32\diagtrack.dll
15:55:37.0029 0x1b28  DiagTrack - ok
15:55:37.0115 0x1b28  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
15:55:37.0158 0x1b28  discache - ok
15:55:37.0205 0x1b28  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
15:55:37.0217 0x1b28  Disk - ok
15:55:37.0252 0x1b28  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
15:55:37.0269 0x1b28  Dnscache - ok
15:55:37.0368 0x1b28  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
15:55:37.0414 0x1b28  dot3svc - ok
15:55:37.0484 0x1b28  [ E0E65ED0985A28FB18128D6099E985C4, 19051EB2EA2338725ACC08222713F427FD2DB33458D229A0BA3CB5F412E4458F ] DpHost          C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
15:55:37.0508 0x1b28  DpHost - ok
15:55:37.0580 0x1b28  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
15:55:37.0632 0x1b28  DPS - ok
15:55:37.0669 0x1b28  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
15:55:37.0683 0x1b28  drmkaud - ok
15:55:37.0737 0x1b28  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
15:55:37.0782 0x1b28  DXGKrnl - ok
15:55:37.0862 0x1b28  [ 14F16F95C1347BD50CA4FA4DFDA7E806, BA4007D6354EEF3341FBFC6E7A48BEC7ABE1F9C90C2844A57930E17DDE3C34BB ] e1kexpress      C:\windows\system32\DRIVERS\e1k62x64.sys
15:55:37.0883 0x1b28  e1kexpress - ok
15:55:37.0914 0x1b28  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
15:55:37.0967 0x1b28  EapHost - ok
15:55:38.0093 0x1b28  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
15:55:38.0206 0x1b28  ebdrv - ok
15:55:38.0283 0x1b28  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS             C:\windows\System32\lsass.exe
15:55:38.0298 0x1b28  EFS - ok
15:55:38.0531 0x1b28  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
15:55:38.0573 0x1b28  ehRecvr - ok
15:55:38.0626 0x1b28  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
15:55:38.0644 0x1b28  ehSched - ok
15:55:38.0685 0x1b28  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
15:55:38.0710 0x1b28  elxstor - ok
15:55:38.0767 0x1b28  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
15:55:38.0780 0x1b28  ErrDev - ok
15:55:38.0888 0x1b28  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
15:55:38.0943 0x1b28  EventSystem - ok
15:55:39.0037 0x1b28  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
15:55:39.0079 0x1b28  exfat - ok
15:55:39.0098 0x1b28  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
15:55:39.0139 0x1b28  fastfat - ok
15:55:39.0232 0x1b28  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
15:55:39.0266 0x1b28  Fax - ok
15:55:39.0311 0x1b28  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
15:55:39.0325 0x1b28  fdc - ok
15:55:39.0363 0x1b28  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
15:55:39.0414 0x1b28  fdPHost - ok
15:55:39.0428 0x1b28  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
15:55:39.0469 0x1b28  FDResPub - ok
15:55:39.0484 0x1b28  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
15:55:39.0498 0x1b28  FileInfo - ok
15:55:39.0662 0x1b28  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
15:55:39.0713 0x1b28  Filetrace - ok
15:55:39.0873 0x1b28  [ 614B050875190FFE7ABBAF0CBB4FBBBA, CB7FEDE44B7BE276C86E63B3BF2E83D21986DE85500FA298F569B3C7AE051BEF ] FLCDLOCK        c:\Windows\SysWOW64\flcdlock.exe
15:55:39.0893 0x1b28  FLCDLOCK - ok
15:55:39.0997 0x1b28  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
15:55:40.0011 0x1b28  flpydisk - ok
15:55:40.0120 0x1b28  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
15:55:40.0140 0x1b28  FltMgr - ok
15:55:40.0238 0x1b28  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\windows\system32\FntCache.dll
15:55:40.0310 0x1b28  FontCache - ok
15:55:40.0415 0x1b28  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:55:40.0429 0x1b28  FontCache3.0.0.0 - ok
15:55:40.0558 0x1b28  [ F80BDC0D9E7B9595E74B434446AD3781, 383EC0F485D3E12D198343A0AD7BEEECFD2A569E73672345964CED38CAF34D83 ] FPLService      C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
15:55:40.0575 0x1b28  FPLService - ok
15:55:40.0639 0x1b28  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
15:55:40.0652 0x1b28  FsDepends - ok
15:55:40.0687 0x1b28  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\windows\SysWOW64\FsUsbExDisk.SYS
15:55:40.0693 0x1b28  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
15:55:43.0056 0x1b28  Detect skipped due to KSN trusted
15:55:43.0056 0x1b28  FsUsbExDisk - ok
15:55:43.0112 0x1b28  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
15:55:43.0127 0x1b28  Fs_Rec - ok
15:55:43.0195 0x1b28  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
15:55:43.0220 0x1b28  fvevol - ok
15:55:43.0339 0x1b28  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
15:55:43.0352 0x1b28  gagp30kx - ok
15:55:43.0437 0x1b28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
15:55:43.0495 0x1b28  gpsvc - ok
15:55:43.0677 0x1b28  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:43.0692 0x1b28  gupdate - ok
15:55:43.0699 0x1b28  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:43.0711 0x1b28  gupdatem - ok
15:55:43.0743 0x1b28  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
15:55:43.0755 0x1b28  hcw85cir - ok
15:55:43.0839 0x1b28  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:55:43.0871 0x1b28  HdAudAddService - ok
15:55:43.0935 0x1b28  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
15:55:43.0957 0x1b28  HDAudBus - ok
15:55:43.0991 0x1b28  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\windows\system32\DRIVERS\HECIx64.sys
15:55:44.0003 0x1b28  HECIx64 - ok
15:55:44.0018 0x1b28  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
15:55:44.0033 0x1b28  HidBatt - ok
15:55:44.0087 0x1b28  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
15:55:44.0104 0x1b28  HidBth - ok
15:55:44.0110 0x1b28  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
15:55:44.0127 0x1b28  HidIr - ok
15:55:44.0151 0x1b28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll
15:55:44.0190 0x1b28  hidserv - ok
15:55:44.0238 0x1b28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
15:55:44.0260 0x1b28  HidUsb - ok
15:55:44.0328 0x1b28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
15:55:44.0372 0x1b28  hkmsvc - ok
15:55:44.0444 0x1b28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:55:44.0475 0x1b28  HomeGroupListener - ok
15:55:44.0530 0x1b28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:55:44.0547 0x1b28  HomeGroupProvider - ok
15:55:44.0653 0x1b28  [ F2889318AB3CD87CCA17CB3769CDC1E4, F8A9F1EF064B1B30772FAB8047AFED4C20172A854932028F086C24729E14E59E ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
15:55:44.0663 0x1b28  HP Power Assistant Service - ok
15:55:44.0827 0x1b28  [ 657E81DF0625198C97F91C09AE9611FC, F9D35B68FE8130C1061E7A7D1439154F763328F298265C014BFA2B482A7D005D ] HP ProtectTools Service C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
15:55:44.0834 0x1b28  HP ProtectTools Service - detected UnsignedFile.Multi.Generic ( 1 )
15:55:47.0188 0x1b28  Detect skipped due to KSN trusted
15:55:47.0188 0x1b28  HP ProtectTools Service - ok
15:55:47.0360 0x1b28  [ 58CC11D14D88EF70EF7ABBC75B5EEBD8, 769FAE57F3BDF81890976DA51FB9C89D520653E5D0072A6DB98C7B8FACD54E87 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
15:55:47.0371 0x1b28  HP Wireless Assistant Service - ok
15:55:47.0456 0x1b28  [ A4A0E006A1826EA2629E59DE2008BB9D, 8DCA9854D401996937F79DF502BB9B7B5BDA003A00D34019B376B7037861E738 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
15:55:47.0464 0x1b28  HPDayStarterService - detected UnsignedFile.Multi.Generic ( 1 )
15:55:49.0814 0x1b28  Detect skipped due to KSN trusted
15:55:49.0814 0x1b28  HPDayStarterService - ok
15:55:49.0887 0x1b28  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\windows\system32\DRIVERS\hpdskflt.sys
15:55:49.0897 0x1b28  hpdskflt - ok
15:55:49.0996 0x1b28  [ 5AFB3F9B74553BD933555E1C800D2CE1, 30255CE35AA23C46771A6428C9519BE7645A3AE4494A15C50FE3C45F00712272 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
15:55:50.0019 0x1b28  HpFkCryptService - ok
15:55:50.0049 0x1b28  [ 8205DA7B4191ACD96F76B81E42945754, 67CE632760A1AEB2A04610088A83CA355162DAA00A4AE93A872AB446675030EC ] HPFSService     C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
15:55:50.0061 0x1b28  HPFSService - detected UnsignedFile.Multi.Generic ( 1 )
15:55:52.0416 0x1b28  Detect skipped due to KSN trusted
15:55:52.0421 0x1b28  HPFSService - ok
15:55:52.0602 0x1b28  [ 7D10E0F2F603A3CE65F0B9750F7ABDB2, 21C070BE170C9C05590892982E81559684980FC0504F0E50EAE30418F361B6B1 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
15:55:52.0669 0x1b28  hpHotkeyMonitor - ok
15:55:52.0791 0x1b28  [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
15:55:52.0802 0x1b28  HpqKbFiltr - ok
15:55:52.0885 0x1b28  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:55:52.0943 0x1b28  hpqwmiex - ok
15:55:53.0021 0x1b28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
15:55:53.0033 0x1b28  HpSAMD - ok
15:55:53.0124 0x1b28  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\windows\system32\Hpservice.exe
15:55:53.0137 0x1b28  hpsrv - ok
15:55:53.0233 0x1b28  [ CB5A8B34FA37AE53053F2D3DF05AC1E6, 2C7357079A66AE609F49900181B013E735B4A01C45DA316CD1E8698F93DE6EA8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
15:55:53.0249 0x1b28  HPSupportSolutionsFrameworkService - ok
15:55:53.0291 0x1b28  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
15:55:53.0343 0x1b28  HTTP - ok
15:55:53.0415 0x1b28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
15:55:53.0426 0x1b28  hwpolicy - ok
15:55:53.0508 0x1b28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
15:55:53.0525 0x1b28  i8042prt - ok
15:55:53.0609 0x1b28  [ D782F0C741EE2D50AC8D38774597FB2B, 298CC6D317F87DF6F1D1E779FABA28C3471BE4DCCC93304AE9B673AD4760EF32 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:55:53.0631 0x1b28  IAANTMON - ok
15:55:53.0656 0x1b28  [ DC0B4553D089E2BD07AEBD9EA30BEAFB, 00DC33968248CA6C9653B6FAFC60CA2F2EF7CB00A04CC376BDBB694CC01EE5BD ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
15:55:53.0675 0x1b28  iaStor - ok
15:55:53.0741 0x1b28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
15:55:53.0762 0x1b28  iaStorV - ok
15:55:53.0917 0x1b28  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:55:53.0964 0x1b28  idsvc - ok
15:55:54.0000 0x1b28  IEEtwCollectorService - ok
15:55:54.0802 0x1b28  [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
15:55:55.0646 0x1b28  igfx - ok
15:55:55.0763 0x1b28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
15:55:55.0775 0x1b28  iirsp - ok
15:55:55.0841 0x1b28  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
15:55:55.0879 0x1b28  IKEEXT - ok
15:55:55.0925 0x1b28  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
15:55:55.0970 0x1b28  Impcd - ok
15:55:56.0030 0x1b28  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
15:55:56.0066 0x1b28  IntcDAud - ok
15:55:56.0113 0x1b28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
15:55:56.0126 0x1b28  intelide - ok
15:55:56.0151 0x1b28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
15:55:56.0166 0x1b28  intelppm - ok
15:55:56.0190 0x1b28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
15:55:56.0231 0x1b28  IPBusEnum - ok
15:55:56.0295 0x1b28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
15:55:56.0346 0x1b28  IpFilterDriver - ok
15:55:56.0409 0x1b28  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
15:55:56.0444 0x1b28  iphlpsvc - ok
15:55:56.0506 0x1b28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
15:55:56.0525 0x1b28  IPMIDRV - ok
15:55:56.0554 0x1b28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
15:55:56.0594 0x1b28  IPNAT - ok
15:55:56.0644 0x1b28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
15:55:56.0660 0x1b28  IRENUM - ok
15:55:56.0693 0x1b28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
15:55:56.0708 0x1b28  isapnp - ok
15:55:56.0794 0x1b28  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
15:55:56.0813 0x1b28  iScsiPrt - ok
15:55:56.0890 0x1b28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

21.02.2016, 16:00   #7
GSR-Wurm

Recently 100% CPU load - cause unclear

TDSSKiller log file, part 2:

15:56:18.0040 0x1b28  SharedAccess - ok
15:56:18.0089 0x1b28  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:56:18.0143 0x1b28  ShellHWDetection - ok
15:56:18.0246 0x1b28  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
15:56:18.0261 0x1b28  SiSRaid2 - ok
15:56:18.0297 0x1b28  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
15:56:18.0312 0x1b28  SiSRaid4 - ok
15:56:18.0373 0x1b28  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:56:18.0398 0x1b28  SkypeUpdate - ok
15:56:18.0448 0x1b28  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
15:56:18.0489 0x1b28  Smb - ok
15:56:18.0601 0x1b28  [ 2E5F15CF86B2D1A4EA53B473129BEA14, 040A969556A3E5167CB56D0DBAF656A7EF1962B71797E13D836A8EB040B020C9 ] SMManager       C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\SMManager.exe
15:56:18.0614 0x1b28  SMManager - ok
15:56:18.0729 0x1b28  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
15:56:18.0746 0x1b28  SNMPTRAP - ok
15:56:18.0759 0x1b28  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
15:56:18.0771 0x1b28  spldr - ok
15:56:18.0804 0x1b28  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
15:56:18.0834 0x1b28  Spooler - ok
15:56:18.0994 0x1b28  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
15:56:19.0157 0x1b28  sppsvc - ok
15:56:19.0179 0x1b28  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
15:56:19.0224 0x1b28  sppuinotify - ok
15:56:19.0277 0x1b28  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
15:56:19.0323 0x1b28  srv - ok
15:56:19.0347 0x1b28  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
15:56:19.0372 0x1b28  srv2 - ok
15:56:19.0385 0x1b28  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
15:56:19.0404 0x1b28  srvnet - ok
15:56:19.0468 0x1b28  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
15:56:19.0520 0x1b28  SSDPSRV - ok
15:56:19.0532 0x1b28  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
15:56:19.0575 0x1b28  SstpSvc - ok
15:56:19.0705 0x1b28  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
15:56:19.0722 0x1b28  ssudmdm - ok
15:56:19.0832 0x1b28  [ E455F5FE92EDC3CAD3F2963C5CCA47E6, 51433C6F770BBE9B3542B3A798B3E1BF412AAB2546BC9DD844452DFFDAB211ED ] STacSV          C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
15:56:19.0853 0x1b28  STacSV - ok
15:56:19.0946 0x1b28  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:56:19.0975 0x1b28  Steam Client Service - ok
15:56:20.0000 0x1b28  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
15:56:20.0013 0x1b28  stexstor - ok
15:56:20.0090 0x1b28  [ 4A9D087C9A97071B9D06DB38567DA906, BF12E7D1DEE926E84072BCB4ABCF2F3D3D434F3EEB0A1F35673FB2F1F84A7166 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
15:56:20.0119 0x1b28  STHDA - ok
15:56:20.0201 0x1b28  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
15:56:20.0248 0x1b28  stisvc - ok
15:56:20.0286 0x1b28  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\windows\system32\drivers\vmstorfl.sys
15:56:20.0301 0x1b28  storflt - ok
15:56:20.0352 0x1b28  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\windows\system32\storsvc.dll
15:56:20.0375 0x1b28  StorSvc - ok
15:56:20.0408 0x1b28  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\windows\system32\drivers\storvsc.sys
15:56:20.0420 0x1b28  storvsc - ok
15:56:20.0464 0x1b28  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
15:56:20.0478 0x1b28  swenum - ok
15:56:20.0536 0x1b28  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
15:56:20.0589 0x1b28  swprv - ok
15:56:20.0647 0x1b28  [ 3C80203C725C28CEA5713D1AB242880A, 4056DD312C5DFDF52AA98C69964DB9F573717BF416150225F8EAB30518AE45E9 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
15:56:20.0665 0x1b28  SynTP - ok
15:56:20.0767 0x1b28  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\windows\system32\sysmain.dll
15:56:20.0867 0x1b28  SysMain - ok
15:56:20.0937 0x1b28  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:56:20.0959 0x1b28  TabletInputService - ok
15:56:21.0016 0x1b28  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
15:56:21.0063 0x1b28  TapiSrv - ok
15:56:21.0088 0x1b28  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
15:56:21.0133 0x1b28  TBS - ok
15:56:21.0372 0x1b28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
15:56:21.0442 0x1b28  Tcpip - ok
15:56:21.0508 0x1b28  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
15:56:21.0586 0x1b28  TCPIP6 - ok
15:56:21.0638 0x1b28  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
15:56:21.0652 0x1b28  tcpipreg - ok
15:56:21.0684 0x1b28  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
15:56:21.0711 0x1b28  TDPIPE - ok
15:56:21.0769 0x1b28  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
15:56:21.0782 0x1b28  TDTCP - ok
15:56:21.0862 0x1b28  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
15:56:21.0876 0x1b28  tdx - ok
15:56:21.0943 0x1b28  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
15:56:21.0958 0x1b28  TermDD - ok
15:56:22.0027 0x1b28  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
15:56:22.0058 0x1b28  TermService - ok
15:56:22.0090 0x1b28  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
15:56:22.0110 0x1b28  Themes - ok
15:56:22.0140 0x1b28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
15:56:22.0185 0x1b28  THREADORDER - ok
15:56:22.0253 0x1b28  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\windows\system32\drivers\tpm.sys
15:56:22.0267 0x1b28  TPM - ok
15:56:22.0292 0x1b28  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
15:56:22.0335 0x1b28  TrkWks - ok
15:56:22.0402 0x1b28  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:56:22.0449 0x1b28  TrustedInstaller - ok
15:56:22.0510 0x1b28  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
15:56:22.0523 0x1b28  tssecsrv - ok
15:56:22.0600 0x1b28  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
15:56:22.0627 0x1b28  TsUsbFlt - ok
15:56:22.0779 0x1b28  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
15:56:22.0823 0x1b28  tunnel - ok
15:56:22.0901 0x1b28  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
15:56:22.0917 0x1b28  uagp35 - ok
15:56:23.0048 0x1b28  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
15:56:23.0095 0x1b28  udfs - ok
15:56:23.0156 0x1b28  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
15:56:23.0172 0x1b28  UI0Detect - ok
15:56:23.0213 0x1b28  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
15:56:23.0228 0x1b28  uliagpkx - ok
15:56:23.0313 0x1b28  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
15:56:23.0326 0x1b28  umbus - ok
15:56:23.0441 0x1b28  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
15:56:23.0455 0x1b28  UmPass - ok
15:56:23.0513 0x1b28  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll
15:56:23.0532 0x1b28  UmRdpService - ok
15:56:23.0833 0x1b28  [ 5713E039C0622F40347735CBA460B8FC, C9FBBA0C71D48ACC0816CDEAA16A8D85130F7E5780EDF115A0FBACF8FBED9327 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:56:23.0917 0x1b28  UNS - ok
15:56:23.0959 0x1b28  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
15:56:24.0020 0x1b28  upnphost - ok
15:56:24.0118 0x1b28  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
15:56:24.0148 0x1b28  usbaudio - ok
15:56:24.0200 0x1b28  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
15:56:24.0225 0x1b28  usbccgp - ok
15:56:24.0249 0x1b28  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
15:56:24.0265 0x1b28  usbcir - ok
15:56:24.0332 0x1b28  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
15:56:24.0344 0x1b28  usbehci - ok
15:56:24.0383 0x1b28  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
15:56:24.0407 0x1b28  usbhub - ok
15:56:24.0454 0x1b28  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
15:56:24.0468 0x1b28  usbohci - ok
15:56:24.0536 0x1b28  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
15:56:24.0557 0x1b28  usbprint - ok
15:56:24.0597 0x1b28  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
15:56:24.0613 0x1b28  USBSTOR - ok
15:56:24.0638 0x1b28  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
15:56:24.0651 0x1b28  usbuhci - ok
15:56:24.0698 0x1b28  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
15:56:24.0717 0x1b28  usbvideo - ok
15:56:24.0835 0x1b28  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\windows\system32\DRIVERS\usb8023x.sys
15:56:24.0856 0x1b28  usb_rndisx - ok
15:56:24.0889 0x1b28  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
15:56:24.0935 0x1b28  UxSms - ok
15:56:24.0978 0x1b28  [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc        C:\windows\system32\lsass.exe
15:56:24.0992 0x1b28  VaultSvc - ok
15:56:25.0020 0x1b28  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\windows\system32\DRIVERS\VClone.sys
15:56:25.0044 0x1b28  VClone - ok
15:56:25.0221 0x1b28  [ BBE2B5036D2FF45458C747FB2513591D, 22A2E672E9EF5F39BB9E75D54B6AD83E6C63C5126E3C4D7BD02777F3DE39F505 ] vcsFPService    C:\windows\system32\vcsFPService.exe
15:56:25.0300 0x1b28  vcsFPService - ok
15:56:25.0319 0x1b28  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
15:56:25.0330 0x1b28  vdrvroot - ok
15:56:25.0400 0x1b28  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
15:56:25.0455 0x1b28  vds - ok
15:56:25.0514 0x1b28  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
15:56:25.0535 0x1b28  vga - ok
15:56:25.0557 0x1b28  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
15:56:25.0604 0x1b28  VgaSave - ok
15:56:25.0647 0x1b28  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
15:56:25.0664 0x1b28  vhdmp - ok
15:56:25.0717 0x1b28  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
15:56:25.0728 0x1b28  viaide - ok
15:56:25.0848 0x1b28  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\windows\system32\drivers\vmbus.sys
15:56:25.0865 0x1b28  vmbus - ok
15:56:25.0879 0x1b28  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys
15:56:25.0894 0x1b28  VMBusHID - ok
15:56:25.0921 0x1b28  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
15:56:25.0936 0x1b28  volmgr - ok
15:56:25.0993 0x1b28  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
15:56:26.0021 0x1b28  volmgrx - ok
15:56:26.0042 0x1b28  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\windows\system32\drivers\volsnap.sys
15:56:26.0065 0x1b28  volsnap - ok
15:56:26.0148 0x1b28  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\windows\system32\DRIVERS\vpchbus.sys
15:56:26.0169 0x1b28  vpcbus - ok
15:56:26.0232 0x1b28  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\windows\system32\DRIVERS\vpcnfltr.sys
15:56:26.0263 0x1b28  vpcnfltr - ok
15:56:26.0308 0x1b28  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\windows\system32\DRIVERS\vpcusb.sys
15:56:26.0321 0x1b28  vpcusb - ok
15:56:26.0339 0x1b28  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\windows\system32\drivers\vpcvmm.sys
15:56:26.0362 0x1b28  vpcvmm - ok
15:56:26.0510 0x1b28  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
15:56:26.0526 0x1b28  vsmraid - ok
15:56:26.0593 0x1b28  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
15:56:26.0674 0x1b28  VSS - ok
15:56:26.0704 0x1b28  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
15:56:26.0723 0x1b28  vwifibus - ok
15:56:26.0749 0x1b28  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
15:56:26.0772 0x1b28  vwififlt - ok
15:56:26.0891 0x1b28  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
15:56:26.0908 0x1b28  vwifimp - ok
15:56:26.0941 0x1b28  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
15:56:26.0992 0x1b28  W32Time - ok
15:56:27.0035 0x1b28  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
15:56:27.0048 0x1b28  WacomPen - ok
15:56:27.0157 0x1b28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
15:56:27.0205 0x1b28  WANARP - ok
15:56:27.0210 0x1b28  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
15:56:27.0249 0x1b28  Wanarpv6 - ok
15:56:27.0373 0x1b28  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
15:56:27.0423 0x1b28  WatAdminSvc - ok
15:56:27.0511 0x1b28  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
15:56:27.0568 0x1b28  wbengine - ok
15:56:27.0651 0x1b28  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
15:56:27.0680 0x1b28  WbioSrvc - ok
15:56:27.0749 0x1b28  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
15:56:27.0778 0x1b28  wcncsvc - ok
15:56:27.0819 0x1b28  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:56:27.0833 0x1b28  WcsPlugInService - ok
15:56:27.0873 0x1b28  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
15:56:27.0884 0x1b28  Wd - ok
15:56:27.0999 0x1b28  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
15:56:28.0034 0x1b28  Wdf01000 - ok
15:56:28.0058 0x1b28  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
15:56:28.0108 0x1b28  WdiServiceHost - ok
15:56:28.0115 0x1b28  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
15:56:28.0133 0x1b28  WdiSystemHost - ok
15:56:28.0202 0x1b28  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\windows\System32\webclnt.dll
15:56:28.0228 0x1b28  WebClient - ok
15:56:28.0263 0x1b28  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
15:56:28.0314 0x1b28  Wecsvc - ok
15:56:28.0323 0x1b28  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
15:56:28.0368 0x1b28  wercplsupport - ok
15:56:28.0464 0x1b28  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
15:56:28.0514 0x1b28  WerSvc - ok
15:56:28.0663 0x1b28  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
15:56:28.0709 0x1b28  WfpLwf - ok
15:56:28.0726 0x1b28  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
15:56:28.0738 0x1b28  WIMMount - ok
15:56:28.0765 0x1b28  WinDefend - ok
15:56:28.0833 0x1b28  WinHttpAutoProxySvc - ok
15:56:28.0893 0x1b28  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
15:56:28.0937 0x1b28  Winmgmt - ok
15:56:29.0044 0x1b28  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
15:56:29.0128 0x1b28  WinRM - ok
15:56:29.0260 0x1b28  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUsb.sys
15:56:29.0281 0x1b28  WinUSB - ok
15:56:29.0330 0x1b28  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
15:56:29.0370 0x1b28  Wlansvc - ok
15:56:29.0509 0x1b28  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:56:29.0594 0x1b28  wlidsvc - ok
15:56:29.0810 0x1b28  [ 874787489B7250D545EDBEA954C3CEC6, C81AF125EB64BD9C45B5AC34EABF43580C383ADFEC436BC6C7043452F2BAEDA7 ] wltrysvc        C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
15:56:29.0870 0x1b28  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
15:56:32.0387 0x1b28  wltrysvc ( UnsignedFile.Multi.Generic ) - warning
15:56:35.0923 0x1b28  ================ Scan global ===============================
15:56:35.0978 0x1b28  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
15:56:36.0026 0x1b28  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\windows\system32\winsrv.dll
15:56:36.0038 0x1b28  [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\windows\system32\winsrv.dll
15:56:36.0106 0x1b28  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:56:36.0180 0x1b28  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
15:56:36.0189 0x1b28  [ Global ] - ok
15:56:36.0189 0x1b28  ================ Scan MBR ==================================
15:56:36.0200 0x1b28  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:56:37.0117 0x1b28  \Device\Harddisk0\DR0 - ok
15:56:37.0118 0x1b28  ================ Scan VBR ==================================
15:56:37.0124 0x1b28  [ AFF3909263E923176CACAF5AACA3414E ] \Device\Harddisk0\DR0\Partition1
15:56:37.0125 0x1b28  \Device\Harddisk0\DR0\Partition1 - ok
15:56:37.0174 0x1b28  [ FD025B9932901AAFA6BA86E92A064F82 ] \Device\Harddisk0\DR0\Partition2
15:56:37.0175 0x1b28  \Device\Harddisk0\DR0\Partition2 - ok
15:56:37.0203 0x1b28  [ 7C1526F42E5B511DFEDF7030CE403473 ] \Device\Harddisk0\DR0\Partition3
15:56:37.0205 0x1b28  \Device\Harddisk0\DR0\Partition3 - ok
15:56:37.0219 0x1b28  [ 06C07695FDD6E811948B8D7C255BA3D7 ] \Device\Harddisk0\DR0\Partition4
15:56:37.0220 0x1b28  \Device\Harddisk0\DR0\Partition4 - ok
15:56:37.0221 0x1b28  ================ Scan generic autorun ======================
15:56:38.0249 0x1b28  [ 8E38A7E3249999BF90CB23505D22A5A8, 04E6EAFA14552EA6B9FBABFB76A38CA2E57C98CA64A6189F183B603DD0CD6738 ] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
15:56:38.0503 0x1b28  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
15:56:40.0869 0x1b28  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - warning
15:56:44.0555 0x1b28  [ B306A2EBB988668A52C6CAE0FDFA7244, FF4A7C8E94E59A6F3645670311AA5872B144D2899856C292883208AEEC87BB19 ] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
15:56:45.0467 0x1b28  File Sanitizer - detected UnsignedFile.Multi.Generic ( 1 )
15:56:47.0855 0x1b28  Detect skipped due to KSN trusted
15:56:47.0855 0x1b28  File Sanitizer - ok
15:56:47.0938 0x1b28  [ 171DB53EDAE292E36E46E58190BB95F2, C8EF0277052BFA22FA5C783FE33B1CCCFD93454A234201FC7416B3B4F3337891 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
15:56:47.0952 0x1b28  IMSS - ok
15:56:48.0039 0x1b28  [ 245312D48BFB24BBA1A3A3472C6C0EBB, 0FCD5EBDDB8E62E2C987CFC8DA48CBB91FEF90D0FFE8473A610F64EA94ABD4AC ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP Connection Manager.exe
15:56:48.0082 0x1b28  HP Connection Manager.exe - ok
15:56:48.0160 0x1b28  [ B73AA827C38D84B0793F709EE1524F10, F22CE104947DA16EC672F2BDA4D799FCD22F940040A9518901FBCCCDCE57C492 ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
15:56:48.0179 0x1b28  QLBController - ok
15:56:48.0284 0x1b28  [ E83C81F40E072A697816F7311B87F471, 26F76EE173BB7F1D57837F71A9D22287DB1381A8C69EEB3B3BA7EB9B166A7828 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:56:48.0320 0x1b28  avgnt - ok
15:56:48.0370 0x1b28  [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:56:48.0385 0x1b28  SunJavaUpdateSched - ok
15:56:48.0427 0x1b28  [ F8A3337DE768B126B061F1B7CD38A436, F93EE8D8D7CA28658587F82C38AE6C13D51A03CFE8DE6AC3BA35DC6A1DB986CE ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
15:56:48.0446 0x1b28  KiesTrayAgent - ok
15:56:48.0533 0x1b28  [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] C:\Program Files (x86)\PDF24\pdf24.exe
15:56:48.0550 0x1b28  PDFPrint - ok
15:56:48.0655 0x1b28  [ 0B867A6BAB305C186AD57B6CEA53D981, 226DD3DEA47BA402CBADDC5AD6EE65254599582C9A0BDD1D502D109740B6690B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:56:48.0675 0x1b28  Avira SystrayStartTrigger - ok
15:56:48.0792 0x1b28  [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4, CD89A31004E3E5A3253554CABF70B89D4F2FCBC40161FFA9E633CD85261A2769 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:56:48.0831 0x1b28  Adobe ARM - ok
15:56:48.0948 0x1b28  [ F36C84F16B1089C0FFBFE8DFF754AB6B, 5135643FA467C2F72D4E403D81D0DABD50620E4E5EF7D340D88A94A18DBEC07E ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
15:56:49.0014 0x1b28  HPAdvisorDock - ok
15:56:49.0127 0x1b28  [ C06F76EC21B1CD5D8EB8A95243371A67, 7F10DA2C66484E1C4E3E0CAD5CCC2B961E004909BC14F11E2FABB0E3826E8BF9 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
15:56:49.0211 0x1b28  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
15:56:51.0575 0x1b28  Detect skipped due to KSN trusted
15:56:51.0575 0x1b28  LightScribe Control Panel - ok
15:56:51.0733 0x1b28  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\*******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:56:51.0747 0x1b28  Dropbox Update - ok
15:56:51.0827 0x1b28  GoogleDriveSync - ok
15:56:51.0912 0x1b28  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:56:51.0970 0x1b28  RESTART_STICKY_NOTES - ok
15:56:53.0005 0x1b28  [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
15:56:53.0745 0x1b28  CCleaner Monitoring - ok
15:56:54.0093 0x1b28  [ FF74D2A2E3A3615A765B5181DB18551D, C38F06705B4E3264ABA10317BF3DE6D022E9B9D5B3016B08121512E84880963C ] C:\Program Files (x86)\Steam\steam.exe
15:56:54.0198 0x1b28  Steam - ok
15:56:54.0204 0x1b28  Waiting for KSN requests completion. In queue: 14
15:56:55.0204 0x1b28  Waiting for KSN requests completion. In queue: 14
15:56:56.0204 0x1b28  Waiting for KSN requests completion. In queue: 14
15:56:56.0569 0x1850  Object required for P2P: [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:56:57.0204 0x1b28  Waiting for KSN requests completion. In queue: 6
15:56:58.0204 0x1b28  Waiting for KSN requests completion. In queue: 6
15:56:59.0016 0x1850  Object send P2P result: true
15:56:59.0016 0x1850  Object required for P2P: [ FF74D2A2E3A3615A765B5181DB18551D ] C:\Program Files (x86)\Steam\steam.exe
15:56:59.0205 0x1b28  Waiting for KSN requests completion. In queue: 1
15:57:00.0205 0x1b28  Waiting for KSN requests completion. In queue: 1
15:57:01.0205 0x1b28  Waiting for KSN requests completion. In queue: 1
15:57:01.0458 0x1850  Object send P2P result: true
15:57:02.0232 0x1b28  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.133 ), 0x41000 ( enabled : updated )
15:57:02.0244 0x1b28  Win FW state via NFP2: enabled ( trusted )
15:57:04.0612 0x1b28  ============================================================
15:57:04.0612 0x1b28  Scan finished
15:57:04.0612 0x1b28  ============================================================
15:57:04.0627 0x11b0  Detected object count: 2
15:57:04.0627 0x11b0  Actual detected object count: 2
15:57:41.0969 0x11b0  wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:41.0969 0x11b0  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:57:41.0969 0x11b0  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - skipped by user
15:57:41.0969 0x11b0  Broadcom Wireless Manager UI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:57:54.0139 0x198c  Deinitialize success
         

21.02.2016, 16:03   #8
deeprybka
/// TB Trainer
/// Instructions Guru

Step 1

  • Download and instructions
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Under Settings / Detection and Protection, tick the "Scan for Rootkits" box.
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, move all detections (if any) to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


21.02.2016, 19:01   #9
GSR-Wurm

MBAM-txt.:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.02.2016
Suchlaufzeit: 17:26
Protokolldatei: MBAM-Logfile 1.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.21.04
Rootkit-Datenbank: v2016.02.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ******

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 409264
Abgelaufene Zeit: 55 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, In Quarantäne, [45131a491d7ce2544d00225ce51d39c7], 
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, In Quarantäne, [45131a491d7ce2544d00225ce51d39c7], 
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [12463a293f5adb5b133e770755adf709], 
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [12463a293f5adb5b133e770755adf709], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

22.02.2016, 21:09   #10
deeprybka
/// TB Trainer
/// Instructions Guru

OK. And ESET please...

23.02.2016, 23:22   #11
GSR-Wurm

I tried it; each time, ESET stopped making progress after 3.5 h and 47%.

Is there another way?

25.02.2016, 09:33   #12
deeprybka
/// TB Trainer
/// Instructions Guru

It takes a long time. Let it run...

25.02.2016, 19:35   #13
GSR-Wurm

ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=init
# utc_time=2016-02-21 06:59:50
# local_time=2016-02-21 06:59:50 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28233
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=updated
# utc_time=2016-02-21 07:03:43
# local_time=2016-02-21 07:03:43 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=init
# utc_time=2016-02-23 05:29:45
# local_time=2016-02-23 05:29:45 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28266
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=updated
# utc_time=2016-02-23 05:32:07
# local_time=2016-02-23 05:32:07 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=init
# utc_time=2016-02-25 12:22:07
# local_time=2016-02-25 12:22:07 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28296
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# end=updated
# utc_time=2016-02-25 12:23:01
# local_time=2016-02-25 12:23:01 (+0000, Westeuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6be0bd4d89dfda44b131e6ac6a7527a7
# engine=28296
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-25 07:01:54
# local_time=2016-02-25 07:01:54 (+0000, Westeuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 78762537 208891964 0 0
# scanned=272561
# found=2
# cleaned=0
# scan_time=23932
sh=A0867E6C018019D4E76B0DA3E067413C1E9193D5 ft=1 fh=25de646db16c1e53 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*******\Downloads\ashampoo_burning_studio_6_free_6.83_4312.exe"
sh=45A30A7CB5CBF88FB013D55585DC9835D2D9A1FA ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*******\Downloads\SopCast3.5.0.zip"
         

26.02.2016, 08:26   #14
deeprybka
/// TB Trainer
/// Instructions Guru

What problems are there currently?

26.02.2016, 10:42   #15
GSR-Wurm

In particular, there are problems with Firefox. Often just a single YouTube tab is open (for listening to music, for example), and that leads to 100% CPU usage according to Task Manager.

Besides that, I also have the feeling that the computer takes a very long time to boot.
Could it be that, in general, a lot of programs are still "running along" in the background that I don't actually need all the time? If so, where can I turn them off, or is there a way to display a list?

Thanks for your support!
