| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mit Trojaner identifiziert?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.03.2013, 20:57
| #1 |
 |  Mit Trojaner identifiziert? Abend! Ich benutze seit einiger Zeit AVG Free Anti Virus und habe beim letzten Scan leider einige Trojaner auf meinem Notebook gefunden :-(. Ich habe natürlich die Dateien dann gleich empfernt, welche sich in einem Unterordner von MATLAB (ein Numerik-Programm) eingenistet haben, da mir auch der Dateiname sehr komisch vorgeokmmen sind. Dennoch habe ich mir davor eine der Dateien notiert und dann ein bisschen dazu gegoogled. Und bin dann auf das Board hier gestoßen bzw. diesen Thread: http://www.trojaner-board.de/122252-...ildschirm.html Zum Glück hatte ich keine Meldungen oder der gleichen wie der Kollege im angeführten Thread. Ich weiß es ist hier zu lesen man soll nicht die Schritte aus einem anderen Thread durchführen aber ich habe trotzdem schon selbst mal versucht ein paar Sofortmaßnahmen ergriffen und folgendes gemacht: Natürlich noch 2-3 mal das System mit AVG Free gescannt --> nichts gefunden Mit Trend MicroHouseCall mal einen Schnellscann durchgeführt bzw. den identifzierten Ordner damit gescannt nichts gefunden. Und dann noch Malwarebytes heruntergeladen, aktualisiert und einen Scan durchgeführt zum Glück nichts gefunden. Jetzt stell ich mir die Frage ob mein PC sauber ist und ob der Trojaner hoffentlich nichts angerichtet hat. Gleich mal danke für eure Hilfe. MFG |
|
01.03.2013, 21:35
| #2 |
| /// Malware-holic   | Mit Trojaner identifiziert? Hi
__________________und ich stelle mir die Frage, ob du uns die Dateinamen bzw fundorte postest :-)
__________________ |
|
01.03.2013, 22:06
| #3 |
| | Mit Trojaner identifiziert? Habe gerade noch einen Scan drüber laufen lassen:
__________________Jetzt findet er 3 Dateien: "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\1c8c7.msi";"Infiziert" "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\21784.msi";"Infiziert" "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\21777.msi";"Infiziert" Ich kann diese mit dem Scanner leider nicht entfernen Hier noch die Dateien aus dem alten Protokoll (tut mir leid, dass ich diese nicht gleich gepostet habe): "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\21784.msi";"Infiziert" "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\21777.msi";"Infiziert" "";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde., C:\Windows\Installer\1c8c7.msi";"Infiziert" "";"Trojaner: Agent2.AYYG, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\docbpdiso16.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AYYG, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\dicbpdiso16.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AWRY, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\xpcregstack.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AWRL, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\rs232_send.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AWRL, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\rs232_rec.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AVXT, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\rs232_sendrec.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AVXS, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adkmdas1800hr.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AUKD, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adrtddm6420.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AUKD, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adrtddm6430.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AUEF, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adbbpci20098.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AUBP, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adcbdas16jrexp.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.ATPK, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adgesada1.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AOQN, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adbbpci20019.mexw32";"In Virenquarantäne verschoben" "";"Trojaner: Agent2.AOQN, C:\Program Files (x86)\MATLAB\R2009a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adbbpci20023.mexw32";"In Virenquarantäne verschoben" |
|
01.03.2013, 22:16
| #4 |
| /// Malware-holic | Mit Trojaner identifiziert? hi, wurden die Dateien gelöscht oder nicht? kannnst du mal im original Verzeichniss gucken und mir datieen aus dem log, die dort noch vorhanden sind, hochladen? Trojaner-Board Upload Channel evtl. vorher packen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.03.2013, 22:27
| #5 |
| | Mit Trojaner identifiziert? Also die oben 3 angeführten dateien sind eben noch da. Die aus dem Matlab-Verzeichnis konnte ich entfernen bzw. verschieben in die Quarantäne ... würde mich interessieren ob diese wirklich ein schlimmer Trojaner sind. Die 3 Dateien habe ich jetzt upgeloadet |
|
01.03.2013, 23:30
| #6 |
| /// Malware-holic | Mit Trojaner identifiziert? Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ --> Mit Trojaner identifiziert? |
|
02.03.2013, 12:40
| #7 |
| | Mit Trojaner identifiziert? Hier bitte die gewünschten Log-Files: als Anhang, leider konnte ich sie nicht so posten, weil ich schon zu viele Zeichen habe Ich hoffe dass ich das mit dem schliessen aller Programme richtig verstanden habe (Virensacnner etc. waren aktiv). |
|
03.03.2013, 19:00
| #8 |
| /// Malware-holic | Mit Trojaner identifiziert? Hi, otl fix Fixen mit OTL
Code:
ATTFilter :OTL
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O33 - MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\Shell - "" = AutoRun
O33 - MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\Shell\install\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\Shell - "" = AutoRun
O33 - MountPoints2\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{62567265-2ca5-11e1-b2a4-00a0c6000000}\Shell - "" = AutoRun
O33 - MountPoints2\{62567265-2ca5-11e1-b2a4-00a0c6000000}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
:files
:Commands
[emptytemp]
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.03.2013, 16:28
| #9 |
| | Mit Trojaner identifiziert? Hier bitte das Ergebnis: Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWMTRV deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
File D:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
File D:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d04092-f150-11e1-875b-f0def1720204}\ not found.
File D:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5b2eb092-03f9-11e1-8ac0-f0def1720204}\ not found.
File E:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62567265-2ca5-11e1-b2a4-00a0c6000000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62567265-2ca5-11e1-b2a4-00a0c6000000}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62567265-2ca5-11e1-b2a4-00a0c6000000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62567265-2ca5-11e1-b2a4-00a0c6000000}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec6fefbd-c5a7-11e0-a6ec-806e6f6e6963}\ not found.
Q:\LenovoQDrive.exe moved successfully.
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ****
->Temp folder emptied: 197962159 bytes
->Temporary Internet Files folder emptied: 81841294 bytes
->Java cache emptied: 57914 bytes
->FireFox cache emptied: 442981759 bytes
->Flash cache emptied: 10586 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 48704 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1510544067 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 3175336 bytes
Total Files Cleaned = 2.133,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03042013_161920
Files\Folders moved on Reboot...
C:\Users\****\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
04.03.2013, 19:28
| #10 |
| /// Malware-holic | Mit Trojaner identifiziert? Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.03.2013, 19:53
| #11 |
| | Mit Trojaner identifiziert? hier bitte das Log vom Kaspersky Anti-Rootkit-Tool: Code:
ATTFilter 19:44:31.0395 1316 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:44:31.0769 1316 ============================================================
19:44:31.0769 1316 Current date / time: 2013/03/04 19:44:31.0769
19:44:31.0769 1316 SystemInfo:
19:44:31.0769 1316
19:44:31.0769 1316 OS Version: 6.1.7601 ServicePack: 1.0
19:44:31.0769 1316 Product type: Workstation
19:44:31.0769 1316 ComputerName: ****
19:44:31.0769 1316 UserName: ****
19:44:31.0769 1316 Windows directory: C:\Windows
19:44:31.0769 1316 System windows directory: C:\Windows
19:44:31.0769 1316 Running under WOW64
19:44:31.0769 1316 Processor architecture: Intel x64
19:44:31.0769 1316 Number of processors: 4
19:44:31.0769 1316 Page size: 0x1000
19:44:31.0769 1316 Boot type: Normal boot
19:44:31.0769 1316 ============================================================
19:44:33.0189 1316 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:44:33.0189 1316 ============================================================
19:44:33.0189 1316 \Device\Harddisk0\DR0:
19:44:33.0189 1316 MBR partitions:
19:44:33.0189 1316 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
19:44:33.0189 1316 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x1BBE47F8
19:44:33.0189 1316 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1BE3D000, BlocksNum 0x1388000
19:44:33.0189 1316 ============================================================
19:44:33.0236 1316 C: <-> \Device\Harddisk0\DR0\Partition2
19:44:33.0298 1316 Q: <-> \Device\Harddisk0\DR0\Partition3
19:44:33.0298 1316 ============================================================
19:44:33.0298 1316 Initialize success
19:44:33.0298 1316 ============================================================
19:45:19.0646 6408 ============================================================
19:45:19.0646 6408 Scan started
19:45:19.0646 6408 Mode: Manual; SigCheck; TDLFS;
19:45:19.0646 6408 ============================================================
19:45:20.0348 6408 ================ Scan system memory ========================
19:45:20.0348 6408 System memory - ok
19:45:20.0348 6408 ================ Scan services =============================
19:45:20.0644 6408 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:45:20.0785 6408 1394ohci - ok
19:45:20.0847 6408 [ 0839005949EA2DA7E9420A66614C6649 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
19:45:20.0909 6408 5U877 - ok
19:45:20.0925 6408 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:45:20.0941 6408 ACPI - ok
19:45:20.0972 6408 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:45:21.0050 6408 AcpiPmi - ok
19:45:21.0221 6408 [ 6A53AAEC52611285F32F1B71321F2604 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
19:45:21.0237 6408 AcPrfMgrSvc - ok
19:45:21.0284 6408 [ 04762CCCFBB3103E3567B582ECF561A6 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
19:45:21.0299 6408 AcSvc - ok
19:45:21.0565 6408 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:45:21.0580 6408 AdobeFlashPlayerUpdateSvc - ok
19:45:21.0643 6408 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:45:21.0674 6408 adp94xx - ok
19:45:21.0721 6408 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:45:21.0736 6408 adpahci - ok
19:45:21.0752 6408 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:45:21.0767 6408 adpu320 - ok
19:45:21.0814 6408 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:45:22.0017 6408 AeLookupSvc - ok
19:45:22.0111 6408 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:45:22.0173 6408 AFD - ok
19:45:22.0220 6408 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:45:22.0220 6408 agp440 - ok
19:45:22.0235 6408 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:45:22.0282 6408 ALG - ok
19:45:22.0313 6408 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:45:22.0329 6408 aliide - ok
19:45:22.0360 6408 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:45:22.0376 6408 amdide - ok
19:45:22.0391 6408 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:45:22.0454 6408 AmdK8 - ok
19:45:22.0454 6408 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:45:22.0501 6408 AmdPPM - ok
19:45:22.0563 6408 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:45:22.0563 6408 amdsata - ok
19:45:22.0594 6408 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:45:22.0610 6408 amdsbs - ok
19:45:22.0641 6408 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:45:22.0641 6408 amdxata - ok
19:45:22.0719 6408 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
19:45:22.0781 6408 AMPPAL - ok
19:45:22.0781 6408 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
19:45:22.0797 6408 AMPPALP - ok
19:45:22.0844 6408 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:45:23.0062 6408 AppID - ok
19:45:23.0109 6408 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:45:23.0156 6408 AppIDSvc - ok
19:45:23.0171 6408 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:45:23.0234 6408 Appinfo - ok
19:45:23.0265 6408 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:45:23.0296 6408 AppMgmt - ok
19:45:23.0359 6408 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:45:23.0374 6408 arc - ok
19:45:23.0374 6408 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:45:23.0390 6408 arcsas - ok
19:45:23.0593 6408 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:45:23.0655 6408 aspnet_state - ok
19:45:23.0686 6408 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:45:23.0749 6408 AsyncMac - ok
19:45:23.0764 6408 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:45:23.0780 6408 atapi - ok
19:45:23.0873 6408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:45:23.0936 6408 AudioEndpointBuilder - ok
19:45:23.0936 6408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:45:23.0983 6408 AudioSrv - ok
19:45:24.0388 6408 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:45:24.0497 6408 AVGIDSAgent - ok
19:45:24.0560 6408 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:45:24.0575 6408 AVGIDSDriver - ok
19:45:24.0669 6408 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
19:45:24.0669 6408 AVGIDSHA - ok
19:45:24.0731 6408 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
19:45:24.0747 6408 Avgldx64 - ok
19:45:24.0825 6408 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
19:45:24.0841 6408 Avgloga - ok
19:45:24.0887 6408 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
19:45:24.0903 6408 Avgmfx64 - ok
19:45:24.0965 6408 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
19:45:24.0965 6408 Avgrkx64 - ok
19:45:24.0997 6408 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
19:45:25.0012 6408 Avgtdia - ok
19:45:25.0075 6408 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:45:25.0090 6408 avgwd - ok
19:45:25.0137 6408 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:45:25.0215 6408 AxInstSV - ok
19:45:25.0262 6408 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:45:25.0277 6408 b06bdrv - ok
19:45:25.0340 6408 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:45:25.0355 6408 b57nd60a - ok
19:45:25.0387 6408 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:45:25.0418 6408 BDESVC - ok
19:45:25.0433 6408 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:45:25.0480 6408 Beep - ok
19:45:25.0558 6408 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:45:25.0621 6408 BFE - ok
19:45:25.0714 6408 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:45:25.0777 6408 BITS - ok
19:45:25.0823 6408 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:45:25.0855 6408 blbdrive - ok
19:45:25.0855 6408 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:45:25.0901 6408 bowser - ok
19:45:25.0964 6408 [ 22B58F354624F478B6B7D5A2BC4C7A06 ] BR.AS.VersionChangerService C:\Windows\SysWOW64\BR.AS.VersionChangerService.exe
19:45:26.0011 6408 BR.AS.VersionChangerService ( UnsignedFile.Multi.Generic ) - warning
19:45:26.0011 6408 BR.AS.VersionChangerService - detected UnsignedFile.Multi.Generic (1)
19:45:26.0042 6408 BrAuthorizationSvcx - ok
19:45:26.0042 6408 BrDiskImageSvcx - ok
19:45:26.0073 6408 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:45:26.0089 6408 BrFiltLo - ok
19:45:26.0089 6408 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:45:26.0104 6408 BrFiltUp - ok
19:45:26.0182 6408 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:45:26.0213 6408 Browser - ok
19:45:26.0229 6408 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:45:26.0260 6408 Brserid - ok
19:45:26.0260 6408 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:45:26.0291 6408 BrSerWdm - ok
19:45:26.0307 6408 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:45:26.0338 6408 BrUsbMdm - ok
19:45:26.0338 6408 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:45:26.0354 6408 BrUsbSer - ok
19:45:26.0416 6408 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:45:26.0447 6408 BthEnum - ok
19:45:26.0447 6408 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:45:26.0463 6408 BTHMODEM - ok
19:45:26.0479 6408 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:45:26.0510 6408 BthPan - ok
19:45:26.0557 6408 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:45:26.0635 6408 BTHPORT - ok
19:45:26.0681 6408 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:45:26.0713 6408 bthserv - ok
19:45:26.0744 6408 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:45:26.0759 6408 BTHUSB - ok
19:45:26.0806 6408 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:45:26.0822 6408 btwaudio - ok
19:45:26.0869 6408 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
19:45:26.0884 6408 btwavdt - ok
19:45:26.0993 6408 [ C73EB036BFC5A27B9CB87B29F7ED88C3 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
19:45:27.0009 6408 btwdins - ok
19:45:27.0025 6408 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:45:27.0025 6408 btwl2cap - ok
19:45:27.0040 6408 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:45:27.0040 6408 btwrchid - ok
19:45:27.0071 6408 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:45:27.0118 6408 cdfs - ok
19:45:27.0165 6408 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:45:27.0181 6408 cdrom - ok
19:45:27.0227 6408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:45:27.0274 6408 CertPropSvc - ok
19:45:27.0290 6408 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:45:27.0321 6408 circlass - ok
19:45:27.0352 6408 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:45:27.0368 6408 CLFS - ok
19:45:27.0446 6408 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:45:27.0446 6408 clr_optimization_v2.0.50727_32 - ok
19:45:27.0508 6408 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:45:27.0524 6408 clr_optimization_v2.0.50727_64 - ok
19:45:27.0586 6408 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:45:27.0758 6408 clr_optimization_v4.0.30319_32 - ok
19:45:27.0820 6408 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:45:27.0867 6408 clr_optimization_v4.0.30319_64 - ok
19:45:27.0914 6408 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:45:27.0945 6408 CmBatt - ok
19:45:27.0961 6408 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:45:27.0976 6408 cmdide - ok
19:45:28.0054 6408 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
19:45:28.0070 6408 CNG - ok
19:45:28.0132 6408 [ 22BC1C27274D1CB1C3A8C14CDBA0CDF2 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
19:45:28.0163 6408 CnxtHdAudService - ok
19:45:28.0195 6408 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:45:28.0195 6408 Compbatt - ok
19:45:28.0195 6408 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:45:28.0241 6408 CompositeBus - ok
19:45:28.0257 6408 COMSysApp - ok
19:45:28.0288 6408 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:45:28.0288 6408 crcdisk - ok
19:45:28.0351 6408 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:45:28.0366 6408 CryptSvc - ok
19:45:28.0413 6408 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:45:28.0460 6408 CSC - ok
19:45:28.0507 6408 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:45:28.0538 6408 CscService - ok
19:45:28.0585 6408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:45:28.0647 6408 DcomLaunch - ok
19:45:28.0678 6408 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:45:28.0741 6408 defragsvc - ok
19:45:28.0756 6408 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:45:28.0803 6408 DfsC - ok
19:45:28.0834 6408 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:45:28.0881 6408 Dhcp - ok
19:45:28.0897 6408 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:45:28.0943 6408 discache - ok
19:45:28.0975 6408 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:45:28.0975 6408 Disk - ok
19:45:29.0006 6408 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:45:29.0037 6408 dmvsc - ok
19:45:29.0068 6408 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:45:29.0099 6408 Dnscache - ok
19:45:29.0131 6408 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:45:29.0177 6408 dot3svc - ok
19:45:29.0349 6408 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
19:45:29.0380 6408 DozeSvc - ok
19:45:29.0380 6408 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:45:29.0427 6408 DPS - ok
19:45:29.0474 6408 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:45:29.0489 6408 drmkaud - ok
19:45:29.0536 6408 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:45:29.0552 6408 DXGKrnl - ok
19:45:29.0599 6408 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
19:45:29.0614 6408 DzHDD64 - ok
19:45:29.0661 6408 [ 324FCD2DD8A4229DDEF3CC954FF12FA5 ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
19:45:29.0677 6408 e1kexpress - ok
19:45:29.0723 6408 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:45:29.0770 6408 EapHost - ok
19:45:29.0864 6408 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:45:29.0957 6408 ebdrv - ok
19:45:30.0004 6408 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:45:30.0035 6408 EFS - ok
19:45:30.0113 6408 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:45:30.0145 6408 ehRecvr - ok
19:45:30.0176 6408 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:45:30.0191 6408 ehSched - ok
19:45:30.0301 6408 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
19:45:30.0316 6408 ElbyCDIO - ok
19:45:30.0363 6408 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:45:30.0379 6408 elxstor - ok
19:45:30.0379 6408 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:45:30.0410 6408 ErrDev - ok
19:45:30.0472 6408 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:45:30.0519 6408 EventSystem - ok
19:45:30.0613 6408 [ 6EB16C7286FBCD3AB206743BA813EC48 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:45:30.0628 6408 EvtEng - ok
19:45:30.0675 6408 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:45:30.0706 6408 exfat - ok
19:45:30.0706 6408 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:45:30.0769 6408 fastfat - ok
19:45:30.0831 6408 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:45:30.0847 6408 Fax - ok
19:45:30.0878 6408 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:45:30.0909 6408 fdc - ok
19:45:30.0956 6408 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:45:30.0987 6408 fdPHost - ok
19:45:30.0987 6408 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:45:31.0034 6408 FDResPub - ok
19:45:31.0049 6408 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:45:31.0065 6408 FileInfo - ok
19:45:31.0081 6408 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:45:31.0127 6408 Filetrace - ok
19:45:31.0143 6408 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:45:31.0159 6408 flpydisk - ok
19:45:31.0205 6408 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:45:31.0221 6408 FltMgr - ok
19:45:31.0330 6408 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:45:31.0361 6408 FontCache - ok
19:45:31.0424 6408 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:45:31.0439 6408 FontCache3.0.0.0 - ok
19:45:31.0455 6408 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:45:31.0486 6408 FsDepends - ok
19:45:31.0549 6408 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:45:31.0549 6408 Fs_Rec - ok
19:45:31.0580 6408 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:45:31.0595 6408 fvevol - ok
19:45:31.0627 6408 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:45:31.0642 6408 gagp30kx - ok
19:45:31.0673 6408 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:45:31.0720 6408 gpsvc - ok
19:45:31.0736 6408 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:45:31.0767 6408 hcw85cir - ok
19:45:31.0829 6408 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:45:31.0845 6408 HdAudAddService - ok
19:45:31.0876 6408 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:45:31.0907 6408 HDAudBus - ok
19:45:31.0954 6408 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:45:31.0970 6408 HECIx64 - ok
19:45:31.0970 6408 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:45:32.0001 6408 HidBatt - ok
19:45:32.0017 6408 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:45:32.0048 6408 HidBth - ok
19:45:32.0063 6408 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:45:32.0079 6408 HidIr - ok
19:45:32.0110 6408 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:45:32.0141 6408 hidserv - ok
19:45:32.0157 6408 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:45:32.0173 6408 HidUsb - ok
19:45:32.0204 6408 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:45:32.0266 6408 hkmsvc - ok
19:45:32.0282 6408 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:45:32.0297 6408 HomeGroupListener - ok
19:45:32.0329 6408 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:45:32.0344 6408 HomeGroupProvider - ok
19:45:32.0360 6408 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:45:32.0375 6408 HpSAMD - ok
19:45:32.0407 6408 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:45:32.0453 6408 HTTP - ok
19:45:32.0485 6408 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:45:32.0485 6408 hwpolicy - ok
19:45:32.0500 6408 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:45:32.0516 6408 i8042prt - ok
19:45:32.0703 6408 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:45:32.0719 6408 iaStor - ok
19:45:32.0812 6408 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:45:32.0828 6408 iaStorV - ok
19:45:32.0875 6408 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
19:45:32.0890 6408 IBMPMDRV - ok
19:45:32.0921 6408 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
19:45:32.0921 6408 IBMPMSVC - ok
19:45:33.0077 6408 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:45:33.0109 6408 idsvc - ok
19:45:34.0013 6408 [ F4F91789C7C7A159CE8215C1F69F2A85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:45:34.0435 6408 igfx - ok
19:45:34.0481 6408 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:45:34.0497 6408 iirsp - ok
19:45:34.0559 6408 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:45:34.0622 6408 IKEEXT - ok
19:45:34.0653 6408 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
19:45:34.0700 6408 Impcd - ok
19:45:34.0747 6408 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:45:34.0793 6408 IntcDAud - ok
19:45:34.0793 6408 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:45:34.0809 6408 intelide - ok
19:45:34.0840 6408 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:45:34.0856 6408 intelppm - ok
19:45:34.0887 6408 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:45:34.0934 6408 IPBusEnum - ok
19:45:34.0981 6408 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:35.0012 6408 IpFilterDriver - ok
19:45:35.0090 6408 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:45:35.0152 6408 iphlpsvc - ok
19:45:35.0168 6408 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:45:35.0183 6408 IPMIDRV - ok
19:45:35.0183 6408 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:45:35.0230 6408 IPNAT - ok
19:45:35.0277 6408 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:45:35.0308 6408 IRENUM - ok
19:45:35.0308 6408 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:45:35.0308 6408 isapnp - ok
19:45:35.0339 6408 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:45:35.0355 6408 iScsiPrt - ok
19:45:35.0449 6408 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
19:45:35.0449 6408 IviRegMgr - ok
19:45:35.0495 6408 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:45:35.0511 6408 kbdclass - ok
19:45:35.0558 6408 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:45:35.0589 6408 kbdhid - ok
19:45:35.0605 6408 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:45:35.0620 6408 KeyIso - ok
19:45:35.0667 6408 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:45:35.0683 6408 KSecDD - ok
19:45:35.0729 6408 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:45:35.0745 6408 KSecPkg - ok
19:45:35.0745 6408 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:45:35.0792 6408 ksthunk - ok
19:45:35.0870 6408 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:45:35.0901 6408 KtmRm - ok
19:45:35.0963 6408 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:45:36.0010 6408 LanmanServer - ok
19:45:36.0057 6408 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:45:36.0119 6408 LanmanWorkstation - ok
19:45:36.0197 6408 [ 8B5EB24FCE3926128138B769D50CEE1B ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
19:45:36.0213 6408 LENOVO.CAMMUTE - ok
19:45:36.0369 6408 [ 7CFE36AF06E9C0984021796EDC8AC207 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
19:45:36.0369 6408 LENOVO.MICMUTE - ok
19:45:36.0416 6408 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
19:45:36.0416 6408 lenovo.smi - ok
19:45:36.0447 6408 [ F1A055E1381528E947CDB959117B67D0 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
19:45:36.0447 6408 LENOVO.TPKNRSVC - ok
19:45:36.0494 6408 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
19:45:36.0494 6408 Lenovo.VIRTSCRLSVC - ok
19:45:36.0541 6408 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:45:36.0587 6408 lltdio - ok
19:45:36.0619 6408 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:45:36.0665 6408 lltdsvc - ok
19:45:36.0697 6408 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:45:36.0759 6408 lmhosts - ok
19:45:36.0853 6408 [ 25884CA77F8D926B69167BC231D3726E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:45:36.0868 6408 LMS - ok
19:45:36.0899 6408 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:45:36.0915 6408 LSI_FC - ok
19:45:36.0915 6408 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:45:36.0946 6408 LSI_SAS - ok
19:45:36.0946 6408 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:45:36.0962 6408 LSI_SAS2 - ok
19:45:36.0962 6408 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:45:36.0977 6408 LSI_SCSI - ok
19:45:37.0009 6408 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:45:37.0055 6408 luafv - ok
19:45:37.0102 6408 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:45:37.0118 6408 MBAMProtector - ok
19:45:37.0211 6408 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:45:37.0211 6408 MBAMScheduler - ok
19:45:37.0336 6408 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:45:37.0367 6408 MBAMService - ok
19:45:37.0399 6408 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:45:37.0430 6408 Mcx2Svc - ok
19:45:37.0477 6408 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:45:37.0477 6408 megasas - ok
19:45:37.0508 6408 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:45:37.0523 6408 MegaSR - ok
19:45:37.0570 6408 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:45:37.0617 6408 MMCSS - ok
19:45:37.0633 6408 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:45:37.0695 6408 Modem - ok
19:45:37.0726 6408 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:45:37.0757 6408 monitor - ok
19:45:37.0773 6408 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:45:37.0789 6408 mouclass - ok
19:45:37.0789 6408 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:45:37.0820 6408 mouhid - ok
19:45:37.0867 6408 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:45:37.0867 6408 mountmgr - ok
19:45:37.0991 6408 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:45:38.0007 6408 MozillaMaintenance - ok
19:45:38.0023 6408 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:45:38.0038 6408 mpio - ok
19:45:38.0069 6408 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:45:38.0101 6408 mpsdrv - ok
19:45:38.0225 6408 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:45:38.0257 6408 MpsSvc - ok
19:45:38.0288 6408 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:45:38.0319 6408 MRxDAV - ok
19:45:38.0350 6408 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:38.0413 6408 mrxsmb - ok
19:45:38.0444 6408 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:38.0459 6408 mrxsmb10 - ok
19:45:38.0475 6408 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:38.0491 6408 mrxsmb20 - ok
19:45:38.0537 6408 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:45:38.0537 6408 msahci - ok
19:45:38.0553 6408 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:45:38.0553 6408 msdsm - ok
19:45:38.0569 6408 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:45:38.0600 6408 MSDTC - ok
19:45:38.0615 6408 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:45:38.0662 6408 Msfs - ok
19:45:38.0693 6408 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:45:38.0740 6408 mshidkmdf - ok
19:45:38.0740 6408 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:45:38.0756 6408 msisadrv - ok
19:45:38.0818 6408 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:45:38.0865 6408 MSiSCSI - ok
19:45:38.0865 6408 msiserver - ok
19:45:38.0896 6408 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:45:38.0959 6408 MSKSSRV - ok
19:45:38.0974 6408 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:39.0021 6408 MSPCLOCK - ok
19:45:39.0037 6408 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:45:39.0083 6408 MSPQM - ok
19:45:39.0146 6408 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:45:39.0146 6408 MsRPC - ok
19:45:39.0177 6408 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:45:39.0177 6408 mssmbios - ok
19:45:39.0473 6408 MSSQL$SQLEXPRESS - ok
19:45:39.0676 6408 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:45:39.0692 6408 MSSQLServerADHelper100 - ok
19:45:39.0770 6408 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:45:39.0801 6408 MSTEE - ok
19:45:39.0832 6408 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:45:39.0848 6408 MTConfig - ok
19:45:39.0863 6408 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:45:39.0879 6408 Mup - ok
19:45:39.0957 6408 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:45:40.0035 6408 napagent - ok
19:45:40.0082 6408 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:45:40.0113 6408 NativeWifiP - ok
19:45:40.0331 6408 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:45:40.0347 6408 NDIS - ok
19:45:40.0425 6408 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:40.0456 6408 NdisCap - ok
19:45:40.0487 6408 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:40.0519 6408 NdisTapi - ok
19:45:40.0534 6408 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:40.0581 6408 Ndisuio - ok
19:45:40.0597 6408 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:40.0628 6408 NdisWan - ok
19:45:40.0628 6408 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:45:40.0675 6408 NDProxy - ok
19:45:40.0675 6408 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:45:40.0721 6408 NetBIOS - ok
19:45:40.0721 6408 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:45:40.0753 6408 NetBT - ok
19:45:40.0784 6408 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:45:40.0784 6408 Netlogon - ok
19:45:40.0831 6408 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:45:40.0877 6408 Netman - ok
19:45:40.0940 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:41.0018 6408 NetMsmqActivator - ok
19:45:41.0033 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:41.0049 6408 NetPipeActivator - ok
19:45:41.0065 6408 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:45:41.0111 6408 netprofm - ok
19:45:41.0127 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:41.0127 6408 NetTcpActivator - ok
19:45:41.0127 6408 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:41.0143 6408 NetTcpPortSharing - ok
19:45:42.0281 6408 [ 219A40EEEA50D638BA9D08680C354A0C ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
19:45:42.0718 6408 NETwNs64 - ok
19:45:42.0781 6408 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:45:42.0781 6408 nfrd960 - ok
19:45:42.0859 6408 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:45:42.0905 6408 NlaSvc - ok
19:45:43.0061 6408 [ C31FA031335EFF434B2D94278E74BCCE ] npf C:\Windows\system32\drivers\npf.sys
19:45:43.0061 6408 npf - ok
19:45:43.0093 6408 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:45:43.0124 6408 Npfs - ok
19:45:43.0155 6408 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:45:43.0186 6408 nsi - ok
19:45:43.0217 6408 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:45:43.0264 6408 nsiproxy - ok
19:45:43.0498 6408 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:45:43.0561 6408 Ntfs - ok
19:45:43.0607 6408 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:45:43.0639 6408 Null - ok
19:45:43.0685 6408 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:45:43.0701 6408 nvraid - ok
19:45:43.0732 6408 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:45:43.0748 6408 nvstor - ok
19:45:43.0779 6408 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:45:43.0795 6408 nv_agp - ok
19:45:44.0231 6408 [ 31A5A921ADEC44AAAD26240050085718 ] ODMV3 C:\Program Files (x86)\Common Files\Hilscher\ODMV3\ODMV3.exe
19:45:44.0263 6408 ODMV3 ( UnsignedFile.Multi.Generic ) - warning
19:45:44.0263 6408 ODMV3 - detected UnsignedFile.Multi.Generic (1)
19:45:44.0434 6408 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:45:44.0465 6408 odserv - ok
19:45:44.0497 6408 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:45:44.0543 6408 ohci1394 - ok
19:45:44.0637 6408 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:44.0653 6408 ose - ok
19:45:45.0167 6408 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:45:45.0261 6408 osppsvc - ok
19:45:45.0323 6408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:45:45.0355 6408 p2pimsvc - ok
19:45:45.0386 6408 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:45:45.0401 6408 p2psvc - ok
19:45:45.0417 6408 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:45:45.0433 6408 Parport - ok
19:45:45.0511 6408 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:45:45.0526 6408 partmgr - ok
19:45:45.0542 6408 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:45:45.0589 6408 PcaSvc - ok
19:45:45.0620 6408 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:45:45.0620 6408 pci - ok
19:45:45.0620 6408 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:45:45.0635 6408 pciide - ok
19:45:45.0651 6408 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:45:45.0667 6408 pcmcia - ok
19:45:45.0698 6408 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:45:45.0698 6408 pcw - ok
19:45:45.0729 6408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:45:45.0776 6408 PEAUTH - ok
19:45:45.0854 6408 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:45:45.0901 6408 PeerDistSvc - ok
19:45:45.0994 6408 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:45:46.0057 6408 PerfHost - ok
19:45:46.0135 6408 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:45:46.0213 6408 pla - ok
19:45:46.0275 6408 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:45:46.0291 6408 PlugPlay - ok
19:45:46.0322 6408 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
19:45:46.0337 6408 pmxdrv - ok
19:45:46.0384 6408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:45:46.0400 6408 PNRPAutoReg - ok
19:45:46.0431 6408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:45:46.0447 6408 PNRPsvc - ok
19:45:46.0493 6408 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:45:46.0540 6408 PolicyAgent - ok
19:45:46.0603 6408 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
19:45:46.0634 6408 Power - ok
19:45:46.0852 6408 [ 9D1F6EAD9EC4F2B1FBC87194E0AB37E2 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
19:45:46.0899 6408 Power Manager DBC Service - ok
19:45:46.0930 6408 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:45:46.0977 6408 PptpMiniport - ok
19:45:46.0993 6408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:45:47.0039 6408 Processor - ok
19:45:47.0071 6408 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:45:47.0102 6408 ProfSvc - ok
19:45:47.0117 6408 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:45:47.0133 6408 ProtectedStorage - ok
19:45:47.0164 6408 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
19:45:47.0180 6408 psadd - ok
19:45:47.0227 6408 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:45:47.0258 6408 Psched - ok
19:45:47.0398 6408 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
19:45:47.0398 6408 PSI - ok
19:45:47.0632 6408 [ 4751E1872446CE21207E43AE4C0EC52A ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
19:45:47.0710 6408 PwmEWSvc - ok
19:45:47.0897 6408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:45:47.0929 6408 ql2300 - ok
19:45:47.0960 6408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:45:47.0975 6408 ql40xx - ok
19:45:48.0022 6408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:45:48.0038 6408 QWAVE - ok
19:45:48.0038 6408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:45:48.0085 6408 QWAVEdrv - ok
19:45:48.0085 6408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:45:48.0116 6408 RasAcd - ok
19:45:48.0163 6408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:48.0194 6408 RasAgileVpn - ok
19:45:48.0225 6408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:45:48.0287 6408 RasAuto - ok
19:45:48.0319 6408 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:48.0365 6408 Rasl2tp - ok
19:45:48.0412 6408 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:45:48.0443 6408 RasMan - ok
19:45:48.0443 6408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:48.0490 6408 RasPppoe - ok
19:45:48.0506 6408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:45:48.0568 6408 RasSstp - ok
19:45:48.0584 6408 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:45:48.0615 6408 rdbss - ok
19:45:48.0646 6408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:45:48.0646 6408 rdpbus - ok
19:45:48.0677 6408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:48.0709 6408 RDPCDD - ok
19:45:48.0740 6408 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:45:48.0740 6408 RDPDR - ok
19:45:48.0787 6408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:45:48.0833 6408 RDPENCDD - ok
19:45:48.0833 6408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:45:48.0865 6408 RDPREFMP - ok
19:45:48.0927 6408 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:45:48.0958 6408 RdpVideoMiniport - ok
19:45:48.0989 6408 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:45:49.0005 6408 RDPWD - ok
19:45:49.0021 6408 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:45:49.0036 6408 rdyboost - ok
19:45:49.0145 6408 [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:45:49.0145 6408 RegSrvc - ok
19:45:49.0223 6408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:45:49.0270 6408 RemoteAccess - ok
19:45:49.0317 6408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:45:49.0348 6408 RemoteRegistry - ok
19:45:49.0395 6408 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:45:49.0426 6408 RFCOMM - ok
19:45:49.0457 6408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:45:49.0504 6408 RpcEptMapper - ok
19:45:49.0551 6408 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:45:49.0567 6408 RpcLocator - ok
19:45:49.0613 6408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:45:49.0645 6408 RpcSs - ok
19:45:49.0738 6408 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\Windows\system32\DRIVERS\RsFx0105.sys
19:45:49.0754 6408 RsFx0105 - ok
19:45:49.0769 6408 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:45:49.0801 6408 rspndr - ok
19:45:49.0863 6408 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:45:49.0879 6408 s3cap - ok
19:45:49.0894 6408 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:45:49.0910 6408 SamSs - ok
19:45:50.0081 6408 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\Sandra.sys
19:45:50.0097 6408 SANDRA - ok
19:45:50.0113 6408 [ 96F6F3E594D780B7E20FDC94504D4D89 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe
19:45:50.0144 6408 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
19:45:50.0144 6408 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
19:45:50.0175 6408 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:45:50.0191 6408 sbp2port - ok
19:45:50.0237 6408 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:45:50.0315 6408 SCardSvr - ok
19:45:50.0331 6408 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:45:50.0378 6408 scfilter - ok
19:45:50.0503 6408 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:45:50.0549 6408 Schedule - ok
19:45:50.0596 6408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:45:50.0627 6408 SCPolicySvc - ok
19:45:50.0721 6408 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:45:50.0768 6408 SDRSVC - ok
19:45:50.0799 6408 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:45:50.0846 6408 secdrv - ok
19:45:50.0861 6408 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:45:50.0877 6408 seclogon - ok
19:45:51.0142 6408 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
19:45:51.0173 6408 Secunia PSI Agent - ok
19:45:51.0361 6408 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
19:45:51.0376 6408 Secunia Update Agent - ok
19:45:51.0439 6408 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:45:51.0485 6408 SENS - ok
19:45:51.0517 6408 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:45:51.0548 6408 SensrSvc - ok
19:45:51.0595 6408 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:45:51.0626 6408 Serenum - ok
19:45:51.0657 6408 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:45:51.0688 6408 Serial - ok
19:45:51.0735 6408 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:45:51.0751 6408 sermouse - ok
19:45:51.0782 6408 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:45:51.0829 6408 SessionEnv - ok
19:45:51.0829 6408 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:45:51.0844 6408 sffdisk - ok
19:45:51.0844 6408 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:45:51.0875 6408 sffp_mmc - ok
19:45:51.0875 6408 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:45:51.0891 6408 sffp_sd - ok
19:45:51.0891 6408 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:45:51.0922 6408 sfloppy - ok
19:45:51.0985 6408 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:45:52.0047 6408 SharedAccess - ok
19:45:52.0125 6408 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:45:52.0156 6408 ShellHWDetection - ok
19:45:52.0219 6408 [ 29E316DE2C0261C30C08F872032C53A2 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
19:45:52.0219 6408 Shockprf - ok
19:45:52.0281 6408 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:45:52.0297 6408 SiSRaid2 - ok
19:45:52.0328 6408 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:45:52.0343 6408 SiSRaid4 - ok
19:45:52.0453 6408 [ C84A3DCE4D9D70A4D8FBFA4B7DD6FF0B ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:45:52.0468 6408 SkypeUpdate - ok
19:45:52.0484 6408 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:45:52.0531 6408 Smb - ok
19:45:52.0624 6408 [ 8B4B5E4C0382D7ECBB48DC989AE20FA6 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
19:45:52.0640 6408 SmbDrvI - ok
19:45:52.0796 6408 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
19:45:52.0796 6408 smihlp - ok
19:45:52.0874 6408 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:45:52.0889 6408 SNMPTRAP - ok
19:45:52.0936 6408 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:45:52.0936 6408 spldr - ok
19:45:53.0045 6408 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:45:53.0045 6408 Spooler - ok
19:45:53.0357 6408 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:45:53.0467 6408 sppsvc - ok
19:45:53.0482 6408 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:45:53.0513 6408 sppuinotify - ok
19:45:53.0529 6408 sptd - ok
19:45:54.0137 6408 [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
19:45:54.0153 6408 SQLAgent$SQLEXPRESS - ok
19:45:54.0325 6408 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:45:54.0356 6408 SQLBrowser - ok
19:45:54.0418 6408 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:45:54.0434 6408 SQLWriter - ok
19:45:54.0543 6408 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:45:54.0590 6408 srv - ok
19:45:54.0621 6408 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:45:54.0652 6408 srv2 - ok
19:45:54.0699 6408 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:45:54.0699 6408 srvnet - ok
19:45:54.0746 6408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:45:54.0777 6408 SSDPSRV - ok
19:45:54.0777 6408 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:45:54.0808 6408 SstpSvc - ok
19:45:54.0855 6408 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:45:54.0871 6408 stexstor - ok
19:45:54.0933 6408 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:45:54.0964 6408 stisvc - ok
19:45:54.0980 6408 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:45:54.0980 6408 storflt - ok
19:45:55.0042 6408 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
19:45:55.0073 6408 StorSvc - ok
19:45:55.0120 6408 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:45:55.0120 6408 storvsc - ok
19:45:55.0323 6408 [ 5D8B9129DA2EB060BC9346FD9724632E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
19:45:55.0339 6408 SUService - ok
19:45:55.0354 6408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:45:55.0370 6408 swenum - ok
19:45:55.0417 6408 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:45:55.0463 6408 swprv - ok
19:45:55.0604 6408 [ 9A17BF37F3B2FB9B686214780E4F8223 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:45:55.0619 6408 SynTP - ok
19:45:55.0729 6408 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:45:55.0775 6408 SysMain - ok
19:45:55.0807 6408 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:45:55.0822 6408 TabletInputService - ok
19:45:55.0838 6408 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:45:55.0885 6408 TapiSrv - ok
19:45:55.0900 6408 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:45:55.0931 6408 TBS - ok
19:45:56.0181 6408 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:45:56.0290 6408 Tcpip - ok
19:45:56.0321 6408 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:45:56.0353 6408 TCPIP6 - ok
19:45:56.0446 6408 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:45:56.0446 6408 tcpipreg - ok
19:45:56.0524 6408 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:45:56.0602 6408 TDPIPE - ok
19:45:56.0633 6408 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:45:56.0633 6408 TDTCP - ok
19:45:56.0649 6408 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:45:56.0696 6408 tdx - ok
19:45:56.0696 6408 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:45:56.0711 6408 TermDD - ok
19:45:56.0789 6408 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:45:56.0836 6408 TermService - ok
19:45:56.0852 6408 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:45:56.0867 6408 Themes - ok
19:45:57.0039 6408 [ 39AC444E07FDBD8C2E8E291A65D515D3 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
19:45:57.0086 6408 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - warning
19:45:57.0086 6408 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic (1)
19:45:57.0133 6408 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:45:57.0148 6408 THREADORDER - ok
19:45:57.0179 6408 [ 8B359A7F4C715B84C76DE3C5167797C5 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
19:45:57.0179 6408 TPDIGIMN - ok
19:45:57.0211 6408 [ 0C1C7753A5539C898ADAFFDE835DF7A8 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
19:45:57.0211 6408 TPHDEXLGSVC - ok
19:45:57.0304 6408 [ 373B3EABBE1B07E3CDE98E1452B6D131 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
19:45:57.0320 6408 TPHKLOAD - ok
19:45:57.0382 6408 [ 5B62F45C87CC0FB176C5358EEA6CFB4C ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
19:45:57.0398 6408 TPHKSVC - ok
19:45:57.0429 6408 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
19:45:57.0476 6408 TPM - ok
19:45:57.0554 6408 [ 6EE437A872E0184D6D09F65C5EA0AABA ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
19:45:57.0569 6408 TPPWRIF - ok
19:45:57.0601 6408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:45:57.0632 6408 TrkWks - ok
19:45:57.0757 6408 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:45:57.0788 6408 TrustedInstaller - ok
19:45:57.0819 6408 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:57.0866 6408 tssecsrv - ok
19:45:57.0959 6408 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:45:58.0022 6408 TsUsbFlt - ok
19:45:58.0053 6408 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:45:58.0069 6408 TsUsbGD - ok
19:45:58.0115 6408 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:45:58.0178 6408 tunnel - ok
19:45:58.0209 6408 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
19:45:58.0225 6408 TurboB - ok
19:45:58.0256 6408 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
19:45:58.0271 6408 TurboBoost - ok
19:45:58.0412 6408 [ 003AFB1490828615B041849ABB40EAA1 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
19:45:58.0443 6408 TVT Backup Service - ok
19:45:58.0490 6408 [ 4DAAE0413CD4E816258838E2FAFB3147 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
19:45:58.0505 6408 TVTI2C - ok
19:45:58.0521 6408 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:45:58.0537 6408 uagp35 - ok
19:45:58.0583 6408 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:45:58.0630 6408 udfs - ok
19:45:58.0661 6408 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:45:58.0693 6408 UI0Detect - ok
19:45:58.0802 6408 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
19:45:58.0833 6408 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
19:45:58.0833 6408 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
19:45:58.0849 6408 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:45:58.0849 6408 uliagpkx - ok
19:45:58.0880 6408 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:45:58.0895 6408 umbus - ok
19:45:58.0911 6408 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:45:58.0942 6408 UmPass - ok
19:45:58.0958 6408 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:45:58.0989 6408 UmRdpService - ok
19:45:59.0254 6408 [ 2B971A72C0D6BD8A710E2748353773DD ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:45:59.0285 6408 UNS - ok
19:45:59.0441 6408 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:45:59.0504 6408 upnphost - ok
19:45:59.0551 6408 [ EBF228A52517042DE4F38A40285BC8D9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:59.0613 6408 usbccgp - ok
19:45:59.0660 6408 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:45:59.0675 6408 usbcir - ok
19:45:59.0707 6408 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:45:59.0753 6408 usbehci - ok
19:45:59.0785 6408 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:45:59.0816 6408 usbhub - ok
19:45:59.0847 6408 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:45:59.0863 6408 usbohci - ok
19:45:59.0878 6408 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:45:59.0909 6408 usbprint - ok
19:45:59.0941 6408 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:59.0972 6408 USBSTOR - ok
19:46:00.0003 6408 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:46:00.0019 6408 usbuhci - ok
19:46:00.0050 6408 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:46:00.0065 6408 usbvideo - ok
19:46:00.0112 6408 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:46:00.0175 6408 UxSms - ok
19:46:00.0206 6408 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:46:00.0206 6408 VaultSvc - ok
19:46:00.0284 6408 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
19:46:00.0362 6408 VClone - ok
19:46:00.0393 6408 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:46:00.0393 6408 vdrvroot - ok
19:46:00.0424 6408 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:46:00.0502 6408 vds - ok
19:46:00.0533 6408 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:00.0549 6408 vga - ok
19:46:00.0549 6408 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:46:00.0596 6408 VgaSave - ok
19:46:00.0611 6408 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:46:00.0627 6408 vhdmp - ok
19:46:00.0627 6408 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:46:00.0643 6408 viaide - ok
19:46:00.0658 6408 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:46:00.0674 6408 vmbus - ok
19:46:00.0674 6408 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:46:00.0689 6408 VMBusHID - ok
19:46:00.0721 6408 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:46:00.0721 6408 volmgr - ok
19:46:00.0721 6408 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:46:00.0736 6408 volmgrx - ok
19:46:00.0752 6408 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:46:00.0767 6408 volsnap - ok
19:46:00.0799 6408 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:46:00.0814 6408 vsmraid - ok
19:46:01.0859 6408 [ CA64A8838B4674D14BDF88ABA2F253EA ] VSPerfDrv100 C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
19:46:01.0859 6408 VSPerfDrv100 - ok
19:46:01.0984 6408 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:46:02.0047 6408 VSS - ok
19:46:02.0062 6408 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:46:02.0093 6408 vwifibus - ok
19:46:02.0109 6408 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:46:02.0140 6408 vwififlt - ok
19:46:02.0171 6408 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:46:02.0203 6408 vwifimp - ok
19:46:02.0234 6408 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:46:02.0281 6408 W32Time - ok
19:46:02.0296 6408 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:46:02.0327 6408 WacomPen - ok
19:46:02.0359 6408 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:46:02.0421 6408 WANARP - ok
19:46:02.0421 6408 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:46:02.0452 6408 Wanarpv6 - ok
19:46:02.0608 6408 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:46:02.0639 6408 WatAdminSvc - ok
19:46:02.0764 6408 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:46:02.0827 6408 wbengine - ok
19:46:02.0858 6408 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:46:02.0873 6408 WbioSrvc - ok
19:46:02.0905 6408 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:46:02.0951 6408 wcncsvc - ok
19:46:02.0967 6408 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:46:02.0998 6408 WcsPlugInService - ok
19:46:03.0029 6408 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:46:03.0045 6408 Wd - ok
19:46:03.0170 6408 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:46:03.0185 6408 Wdf01000 - ok
19:46:03.0201 6408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:46:03.0217 6408 WdiServiceHost - ok
19:46:03.0232 6408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:46:03.0248 6408 WdiSystemHost - ok
19:46:03.0279 6408 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:46:03.0326 6408 WebClient - ok
19:46:03.0373 6408 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:46:03.0404 6408 Wecsvc - ok
19:46:03.0419 6408 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:46:03.0466 6408 wercplsupport - ok
19:46:03.0482 6408 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:46:03.0529 6408 WerSvc - ok
19:46:03.0560 6408 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:03.0575 6408 WfpLwf - ok
19:46:03.0607 6408 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:46:03.0607 6408 WIMMount - ok
19:46:03.0638 6408 WinDefend - ok
19:46:03.0653 6408 WinHttpAutoProxySvc - ok
19:46:03.0747 6408 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:46:03.0763 6408 Winmgmt - ok
19:46:04.0137 6408 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
19:46:04.0215 6408 WinRM - ok
19:46:04.0277 6408 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:46:04.0309 6408 WinUsb - ok
19:46:04.0387 6408 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:46:04.0433 6408 Wlansvc - ok
19:46:04.0511 6408 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:46:04.0527 6408 wlcrasvc - ok
19:46:04.0839 6408 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:46:04.0870 6408 wlidsvc - ok
19:46:04.0917 6408 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:46:04.0948 6408 WmiAcpi - ok
19:46:05.0089 6408 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:46:05.0104 6408 wmiApSrv - ok
19:46:05.0151 6408 WMPNetworkSvc - ok
19:46:05.0182 6408 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:46:05.0198 6408 WPCSvc - ok
19:46:05.0213 6408 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:46:05.0229 6408 WPDBusEnum - ok
19:46:05.0260 6408 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:46:05.0291 6408 ws2ifsl - ok
19:46:05.0307 6408 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:46:05.0338 6408 wscsvc - ok
19:46:05.0338 6408 WSearch - ok
19:46:05.0525 6408 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:46:05.0588 6408 wuauserv - ok
19:46:05.0650 6408 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:46:05.0697 6408 WudfPf - ok
19:46:05.0728 6408 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:05.0759 6408 WUDFRd - ok
19:46:05.0822 6408 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:46:05.0837 6408 wudfsvc - ok
19:46:05.0884 6408 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:46:05.0915 6408 WwanSvc - ok
19:46:06.0680 6408 [ 5BCB1F6CB749B6826BE1C0F16FF2F600 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
19:46:06.0742 6408 ZeroConfigService - ok
19:46:06.0773 6408 ================ Scan global ===============================
19:46:06.0805 6408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:46:06.0851 6408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:06.0851 6408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:46:06.0883 6408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:46:06.0961 6408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:46:06.0961 6408 [Global] - ok
19:46:06.0961 6408 ================ Scan MBR ==================================
19:46:06.0992 6408 [ 0F15BE13F65277A8CBD133C035284D95 ] \Device\Harddisk0\DR0
19:46:07.0881 6408 \Device\Harddisk0\DR0 - ok
19:46:07.0881 6408 ================ Scan VBR ==================================
19:46:07.0928 6408 [ 2A4DBC0840EC59B92A299ACD78189292 ] \Device\Harddisk0\DR0\Partition1
19:46:07.0928 6408 \Device\Harddisk0\DR0\Partition1 - ok
19:46:07.0928 6408 [ B035461409D9C058ACEDAE8CDD2B3EBF ] \Device\Harddisk0\DR0\Partition2
19:46:07.0928 6408 \Device\Harddisk0\DR0\Partition2 - ok
19:46:07.0959 6408 [ 2EFA2001F6B73B5755729AD851CB6805 ] \Device\Harddisk0\DR0\Partition3
19:46:07.0959 6408 \Device\Harddisk0\DR0\Partition3 - ok
19:46:07.0959 6408 ============================================================
19:46:07.0959 6408 Scan finished
19:46:07.0959 6408 ============================================================
19:46:07.0975 6488 Detected object count: 5
19:46:07.0975 6488 Actual detected object count: 5
19:48:56.0271 6488 BR.AS.VersionChangerService ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:56.0271 6488 BR.AS.VersionChangerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:56.0271 6488 ODMV3 ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:56.0271 6488 ODMV3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:56.0271 6488 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:56.0271 6488 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:56.0271 6488 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:56.0271 6488 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:56.0271 6488 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
19:48:56.0271 6488 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
04.03.2013, 21:15
| #12 |
| /// Malware-holic | Mit Trojaner identifiziert? Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.03.2013, 23:31
| #13 |
| | Mit Trojaner identifiziert? also ist grad fertig geworden, habe genau wie beschrieben einen weiteren neustart wegen der Registry-Meldung bebraucht. Hier das Log: Code:
ATTFilter Combofix Logfile: |
|
05.03.2013, 19:20
| #14 |
| /// Malware-holic | Mit Trojaner identifiziert? Hi, lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.03.2013, 12:52
| #15 |
| | Mit Trojaner identifiziert? hallo, ich habe jetzt die angeforderte Liste gepostet. Um teilweise ein bisschen schreibarbeit zu sparen habe ich zum Teil etwas in Blöcke zusammengefasst die vorstinallierten Programme habe ich jetzt mal als notwendig eingestuft. darüber lässt sich sicher streiten ob ich wirklich alle brauche Code:
ATTFilter 7-Zip 9.20 (x64 edition) Igor Pavlov 31.10.2011 4,53MB 9.20.00.0 (notwendig) Access Help Lenovo 13.08.2011 3.01 (notwendig) Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 27.02.2013 6,00MB 11.6.602.171 (notwendig) Adobe Flash Player 11 Plugin Adobe Systems Incorporated 27.02.2013 6,00MB 11.6.602.171 (notwendig) Adobe Reader 9.5.4 - Deutsch Adobe Systems Incorporated 21.02.2013 118MB 9.5.4 (notwendig) Anzeige am Bildschirm 16.02.2013 6.67.05 (notwendig) Aspell 0.6 Dictionary (Language: de) 31.10.2011 (notwendig) Aspell 0.6 Dictionary (Language: en) 31.10.2011 (notwendig) Aspell Data 31.10.2011 (notwendig) Automation Net PVI Runtime V3.0.2 Bernecker + Rainer Industrie Elektronik Ges.m.b.H. 22.02.2012 3.0.2.3114 (notwendig) Automation Runtime AS3.0 AR X8.14 Bernecker & Rainer Industrie Elektronik Ges.m.b.H. 22.02.2012 8.14.23.0 (notwendig) Automation Studio V3.0.90 Bernecker + Rainer Industrie Elektronik Ges.m.b.H. 22.02.2012 3.0.90.18 (notwendig) Automation Studio Version Changer V2.5.3 Bernecker & Rainer Industrie Elektronik Ges.m.b.H. 22.02.2012 2.5.3.7011 (notwendig) AVG 2013 AVG Technologies 15.02.2013 2013.0.2899 (notwendig) CCleaner Piriform 25.02.2013 3.28 (notwendig) CDBurnerXP CDBurnerXP 21.10.2012 17,6MB 4.4.2.3442 (notwendig) Client Security - Password Manager Lenovo Group Limited 13.08.2011 229MB 8.30.0023.00 (notwendig) Conexant 20585 SmartAudio HD Conexant 13.08.2011 4.95.48.50 (notwendig) Corel Burn.Now Lenovo Edition Corel Corporation 13.08.2011 80,9MB 4.5.0 (notwendig) Corel DVD MovieFactory Lenovo Edition Corel Corporation 13.08.2011 318MB 7.0.0 (notwendig) Create Recovery Media Lenovo Group Limited 13.08.2011 8,04MB 1.20.0.00 (notwendig) Dienstprogramm "ThinkPad UltraNav" Lenovo 13.08.2011 2.13.0 (notwendig) Disable AMT Profile Synchronization Pop-up for Windows Vista/7 13.08.2011 1.00 (notwendig) Dotfuscator Software Services - Community Edition PreEmptive Solutions 01.02.2012 6,45MB 5.0.2500.0 (unbekannt) Dropbox Dropbox, Inc. 16.02.2013 1.6.16 (notwendig) DTM Library Hilscher GmbH 22.02.2012 197MB 1.0320.110721.6237 (notwendig) Energie-Manager 16.02.2013 6.40 Ethernet Device Configuration Tool Hilscher GmbH 22.02.2012 2,59MB 1.0501.110526.5798 (notwendig) Facemoods Toolbar 01.11.2011 (unnötig) FreeCommander 2009.02b Marek Jasinski 01.11.2011 2009.02 (notwendig) GIMP 2.6.11 The GIMP Team 01.11.2011 107MB 2.6.11 (notwendig) GPL Ghostscript Artifex Software Inc. 01.11.2011 9.04 (notwendig) GSview 5.0 Ghostgum Software Pty Ltd 10.12.2012 5.0 (notwendig) ImageMagick 6.8.0-2 Q16 (2012-11-01) ImageMagick Studio LLC 26.10.2012 70,4MB 6.8.0 (unötig) ImgBurn LIGHTNING UK! 01.11.2011 2.5.6.0 (notwendig) Inkscape 0.48.3.1 23.11.2012 0.48.3.1 (notwendig) Integrated Camera Driver Installer Package Ver.1.1.0.48 RICOH 13.08.2011 1.1.0.48 (notwendig) Intel(R) Control Center Intel Corporation 05.03.2012 1.2.1.1007 (notwendig) Intel(R) Management Engine Components Intel Corporation 05.03.2012 6.0.0.1179 (notwendig) Intel(R) Network Connections Drivers Intel 10.10.2012 916KB 16.8 (notwendig) Intel(R) Processor Graphics Intel Corporation 17.07.2012 8.15.10.2622 (notwendig) Intel® PROSet/Wireless WiFi-Software Intel Corporation 11.09.2012 145MB 15.02.0000.1258 (notwendig) InterVideo WinDVD 8 InterVideo Inc. 13.08.2011 163MB 8.0.20.199 (notwendig) IrfanView (remove only) Irfan Skiljan 15.02.2013 2,00MB 4.35 (notwendig) Java 7 Update 17 Oracle 06.03.2013 129MB 7.0.170 (notwendig) JDownloader 0.9 AppWork GmbH 01.11.2011 0.9 (notwendig) Lenovo Auto Scroll Utility 04.07.2012 1.11 (notwendig) Lenovo Patch Utility Lenovo Group Limited 16.02.2013 1,33MB 1.3.0.9 (notwendig) Lenovo Patch Utility 64 bit Lenovo Group Limited 16.02.2013 298KB 1.3.0.9 (notwendig) Lenovo Power Management Driver 15.02.2013 1.66.00.22 (notwendig) Lenovo Registration Lenovo Inc. 13.08.2011 4,09MB 1.0.2 (notwendig) Lenovo System Interface Driver 16.11.2011 1.05 (notwendig) Lenovo System Update Lenovo 16.02.2013 13,3MB 5.02.0007 (notwendig) Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 31.10.2011 6.0.5849.23 (notwendig) Lenovo Warranty Information Lenovo 13.08.2011 893KB 1.0.0004.00 (notwendig) Lenovo Welcome Lenovo 13.08.2011 2.02.003.0 (notwendig) LibreOffice 4.0 Help Pack (German) The Document Foundation 15.02.2013 23,3MB 4.0.0.3 (notwendig) LibreOffice 4.0.0.3 The Document Foundation 15.02.2013 373MB 4.0.0.3 (notwendig) LyX 1.6.10-2 LyX Team 31.10.2011 1.6.10-2 (notwendig) LyX 2.0.4 LyX Team 27.08.2012 2.0.4 (notwendig) Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 26.02.2013 18,4MB 1.70.0.1100 (notwendig) Maple 14 (32-bit) Maplesoft 31.10.2011 14.0.0.0 (notwendig) MATLAB R2009a The MathWorks, Inc. 06.12.2011 7.8 (notwendig) MATLAB R2010a The MathWorks, Inc. 30.11.2011 7.10 (notwendig) Message Center Plus Lenovo Group Limited 13.08.2011 1,70MB 2.0.0012.00 (notwendig) Metafile to EPS Converter Joost Verburg 29.08.2012 (notwendig) Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.02.2011 38,8MB 4.0.30319 (notwendig) Microsoft .NET Framework 4 Extended Microsoft Corporation 15.12.2011 51,9MB 4.0.30319 (notwendig) Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 15.12.2011 83,4MB 4.0.30319 (notwendig) Microsoft ASP.NET MVC 2 Microsoft Corporation 15.12.2011 482KB 2.0.50217.0 (notwendig) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 15.12.2011 2,25MB 2.0.50217.0 (notwendig) Microsoft Help Viewer 1.1 Microsoft Corporation 01.02.2012 3,97MB 1.1.40219 (notwendig) Microsoft Office 2010 Microsoft Corporation 13.08.2011 6,40MB 14.0.4763.1000 (notwendig) Microsoft Office Enterprise 2007 Microsoft Corporation 31.10.2011 12.0.6612.1000 (notwendig) Microsoft Office File Validation Add-In Microsoft Corporation 06.12.2011 7,95MB 14.0.5130.5003 (notwendig) Microsoft Office Live Add-in 1.5 Microsoft Corporation 22.04.2012 508KB 2.0.4024.1 (notwendig) Microsoft Silverlight Microsoft Corporation 16.05.2012 50,6MB 5.1.10411.0 (notwendig) Microsoft Silverlight 3 SDK Microsoft Corporation 15.12.2011 31,9MB 3.0.40818.0 (notwendig) Microsoft Silverlight 4 SDK Microsoft Corporation 01.02.2012 51,6MB 4.0.50826.0 (notwendig) Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 13.08.2011 1,69MB 3.1.0000 (notwendig) Microsoft SQL Server 2008 (64-bit) Microsoft Corporation 15.12.2011 (notwendig) Microsoft SQL Server 2008 Browser Microsoft Corporation 01.02.2012 7,95MB 10.3.5500.0 (notwendig) Microsoft SQL Server 2008 Native Client Microsoft Corporation 01.02.2012 6,39MB 10.3.5500.0 (notwendig) Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft Corporation 01.02.2012 5,54MB 10.50.1750.9 (notwendig) siehe Kommentar Ende Microsoft-Programme Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft Corporation 01.02.2012 11,8MB 10.50.1750.9 Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 01.02.2012 12,4MB 10.50.1750.9 Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft Corporation 01.02.2012 6,24MB 10.50.1750.9 Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft Corporation 01.02.2012 6,73MB 10.50.1750.9 Microsoft SQL Server 2008 Setup Support Files Microsoft Corporation 01.02.2012 27,3MB 10.3.5500.0 Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Corporation 15.12.2011 3,39MB 3.5.8080.0 Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Corporation 15.12.2011 4,50MB 3.5.8080.0 Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft Corporation 15.12.2011 10,1MB 10.1.2512.8 Microsoft SQL Server System CLR Types Microsoft Corporation 01.02.2012 930KB 10.50.1750.9 Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 01.02.2012 846KB 10.50.1750.9 Microsoft SQL Server VSS Writer Microsoft Corporation 01.02.2012 4,00MB 10.3.5500.0 Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Corporation 01.11.2011 1,33MB 2.0.1578.0 Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Corporation 01.11.2011 3,20MB 2.0.1578.0 Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Corporation 15.12.2011 1,00MB 1.0.3010.0 Microsoft Sync Framework SDK v1.0 SP1 Microsoft Corporation 15.12.2011 29,6MB 1.0.3010.0 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Corporation 15.12.2011 2,84MB 1.0.3010.0 Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Corporation 15.12.2011 541KB 2.0.3010.0 Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Corporation 01.02.2012 10.0.40219 Microsoft Visio Professional 2010 Microsoft Corporation 28.08.2012 14.0.6029.1000 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 08.11.2011 300KB 8.0.56336 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 03.11.2011 620KB 8.0.61000 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 23.11.2012 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 22.02.2012 240KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 30.10.2011 592KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 08.11.2011 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Corporation 15.12.2011 272KB 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 10.01.2013 13,8MB 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Corporation 01.02.2012 33,4MB 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 10.01.2013 11,1MB 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Corporation 01.02.2012 26,3MB 10.0.40219 Microsoft Visual F# 2.0 Runtime Microsoft Corporation 01.02.2012 5,84MB 10.0.40219 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 01.02.2012 33,4MB 10.0.40219 Microsoft Visual Studio 2010 IntelliTrace Collection (x64) Microsoft Corporation 01.02.2012 832KB 10.0.40219 Microsoft Visual Studio 2010 Service Pack 1 Microsoft Corporation 01.02.2012 75,9MB 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 10.01.2013 10.0.40303 Microsoft Visual Studio 2010 Ultimate - ENU Microsoft Corporation 15.12.2011 10.0.30319 Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU Microsoft Corporation 10.01.2013 10.0.40303 Microsoft Visual Studio Macro Tools Microsoft Corporation 15.12.2011 9.0.30729 alle Microsoft Programme stufe ich als (notwendig) ein ! MiKTeX 2.9 MiKTeX.org 31.10.2011 2.9 (notwendig) Mobile Broadband Lenovo 13.08.2011 16,4MB 3.6.0034 (notwendig) Mozilla Firefox 19.0 (x86 de) Mozilla 01.03.2013 43,7MB 19.0 (notwendig) Mozilla Maintenance Service Mozilla 01.03.2013 330KB 19.0 (notwendig) MSXML 4.0 SP2 (KB954430) Microsoft Corporation 30.10.2011 1,27MB 4.20.9870.0 (notwendig) MSXML 4.0 SP2 (KB973688) Microsoft Corporation 30.10.2011 1,33MB 4.20.9876.0 (notwendig) Notepad++ 01.11.2011 5.9.5 (notwendig) OpenOffice.org 3.4.1 Apache Software Foundation 23.11.2012 331MB 3.41.9593 (notwendig) PDFCreator Frank Heindörfer, Philip Chinery 11.01.2012 1.2.3 (notwendig) PDFill PDF Editor with FREE Writer and FREE Tools PlotSoft LLC 06.12.2012 22,3MB 9.0 (unnötig) Qualcomm Gobi 2000 Package for Lenovo QUALCOMM 13.08.2011 62,8MB 1.1.170 (notwendig) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 13.08.2011 1.00 (notwendig) Rescue and Recovery Lenovo Group Limited 13.08.2011 85,0MB 4.30.0025.00 (notwendig) Runtime Utility Center V4.0.0.8 Bernecker + Rainer Industrie Elektronik Ges.m.b.H. 22.02.2012 4.0.0.8 (notwendig) Secunia PSI (3.0.0.6001) Secunia 15.02.2013 5,76MB 3.0.0.6001 (notwendig) Secure Download Manager e-academy Inc. 17.10.2012 935KB 3.0.5 (notwendig) SiSoftware Sandra Lite 2012.SP1 SiSoftware 15.12.2011 95,2MB 18.24.2012.1 (notwendig) Skype™ 6.2 Skype Technologies S.A. 15.02.2013 20,2MB 6.2.106 (notwendig) Spybot - Search & Destroy Safer Networking Limited 01.11.2011 1.6.2 (notwendig) SumatraPDF Krzysztof Kowalczyk 18.08.2012 8,19MB 2.1.1 (notwendig) SyncToy 2.1 (x64) Microsoft 01.11.2011 1,45MB 2.1.0 (notwendig) ThinkPad Bluetooth with Enhanced Data Rate Software Broadcom Corporation 13.08.2011 144MB 6.2.1.100 (notwendig) ThinkPad FullScreen Magnifier 16.11.2011 2.40 (notwendig) ThinkPad UltraNav Driver 08.11.2012 46,4MB 16.2.5.0 (notwendig) ThinkVantage Access Connections Lenovo 08.11.2012 108MB 5.97 (notwendig) ThinkVantage Communications Utility Lenovo 13.08.2011 4,06MB 1.43 (notwendig) ThinkVantage Fingerprint Software Authentec Inc. 08.11.2012 49,0MB 5.9.8.7264 (notwendig) ThinkVantage GPS Lenovo 13.08.2011 32,1MB 2.60 (notwendig) ThinkVantage System für aktiven Festplattenschutz Lenovo 13.08.2011 15,6MB 1.72 (notwendig) Verizon Wireless Mobile Broadband Self Activation Smith Micro Software, Inc. 13.08.2011 4,27MB 3.1.4 (notwendig) VeryPDF PDF to Any Converter v2.0 VeryPDF.com Company 06.12.2012 (unnötig) VirtualCloneDrive Elaborate Bytes 28.08.2012 (notwendig) Alle Visual studio sachen sind notwendig, wobei was hat des mit AVG zu tun? vermutlich braucht der scanner da irgendwelche Biliotheken? Visual Studio 2008 x64 Redistributables AVG Technologies 30.10.2011 10,0MB 10.0.0.2 Visual Studio 2010 Prerequisites - English Microsoft Corporation 01.02.2012 23,1MB 10.0.40219 Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU Microsoft Corporation 15.12.2011 10,7MB 4.0.8080.0 Visual Studio 2010 x64 Redistributables AVG Technologies 15.12.2012 12,4MB 13.0.0.1 VLC media player 2.0.5 VideoLAN 15.02.2013 2.0.5 (notwendig) WCF RIA Services V1.0 SP1 Microsoft Corporation 01.02.2012 12,3MB 4.1.60114.0 (notwendig) Web Deployment Tool Microsoft Corporation 15.12.2011 3,10MB 1.1.0618 (notwendig) Winamp Nullsoft, Inc 31.10.2011 5.622 (notwendig) Winamp Detector Plug-in Nullsoft, Inc 31.10.2011 75,0KB 1.0.0.1 (notwendig) Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) Broadcom 13.08.2011 06/15/2009 6.2.0.9000 (notwendig) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) Broadcom 13.08.2011 07/30/2009 6.2.0.9405 (notwendig) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) Broadcom 13.08.2011 07/28/2009 6.2.0.9800 (notwendig) Windows Live Essentials Microsoft Corporation 13.08.2011 15.4.3508.1109 (unbekannt) alle weiteren Windows-Sachen werden als (notwendig) eingestuft Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 13.08.2011 5,57MB 15.4.5722.2 Windows-Treiberpaket - Intel (e1kexpress) Net (06/22/2010 11.5.10.1012) Intel 13.08.2011 06/22/2010 11.5.10.1012 Windows-Treiberpaket - Intel (HECIx64) System (09/17/2009 6.0.0.1179) Intel 13.08.2011 09/17/2009 6.0.0.1179 Windows-Treiberpaket - Intel System (06/04/2009 1.0.0.0002) Intel 13.08.2011 06/04/2009 1.0.0.0002 Windows-Treiberpaket - Intel System (10/28/2009 9.1.1.1022) Intel 13.08.2011 10/28/2009 9.1.1.1022 Windows-Treiberpaket - Intel System (10/28/2009 9.1.1.1022) Intel 05.03.2012 10/28/2009 9.1.1.1022 Windows-Treiberpaket - Intel USB (08/20/2009 9.1.1.1020) Intel 13.08.2011 08/20/2009 9.1.1.1020 Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) Lenovo 13.08.2011 11/18/2009 1.60.0.4 Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) Synaptics 13.08.2011 03/24/2011 15.2.19.0 WinMerge 2.12.4 Thingamahoochie Software 01.11.2011 2.12.4 (notwendig) Überwachungstool für die Intel® Turbo-Boost-Technik Intel 13.08.2011 1,13MB 1.0.186.3 (notwendig) Einen kleinen negativen Effekt konnte ich schon feststellen. Das Lenovo eigne Tool zeigt mir nicht mehr den aktuellen Ladezustand des Akkus in der Taskleiste an. Müsste durch das Combofix-Tool entstanden sein. |
|
| Themen zu Mit Trojaner identifiziert? |
| anderen, anti, avg, board, dateien, dateiname, durchgeführt, folge, folgendes, frage, free, ide, malwarebytes, meldungen, natürlich, nichts, notebook, sauber, scan, system, thread, trend, trojaner, versucht, virus |
WARNUNG an die MITLESER: 
Linear-Darstellung
