
Log analysis and evaluation: Trojan tracking999/findgala

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

03.03.2013, 16:27   #1
Lilith2412

Hello, I have the findgala trojan on my laptop (in Firefox).
I could not carry out the third step, GMER. After the scan started, a message appeared after a while: gmer has stopped working. I then closed the program. What happens next?
Attached files
File type: pdf Trojaner 999.pdf (167.7 KB, viewed 431 times)

03.03.2013, 18:11   #2
markusg
/// Malware-holic

hi

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

03.03.2013, 19:02   #3
Lilith2412

Extra.txt was not created. I am attaching OTL.txt.

Quote:
Quote from markusg
hi

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread
__________________
Attached files
File type: pdf OTL logfile created on 2.pdf (130.5 KB, viewed 276 times)

03.03.2013, 19:59   #4
markusg
/// Malware-holic

please as txt, not pdf
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

03.03.2013, 20:07   #5
Lilith2412

Attached is the txt.

Quote:
Quote from markusg
please as txt, not pdf

Attached files
File type: txt otl2.txt (93.4 KB, viewed 298 times)

03.03.2013, 20:37   #6
markusg
/// Malware-holic

Hi,

otl fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the content of the code box into the text box.

Code:
ATTFilter
:OTL
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDriveO4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
:files
:Commands
[emptytemp]
         
  • If you have masked your user name, e.g. with "*****", insert your real user name at the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread

03.03.2013, 21:24   #7
Lilith2412

After the fix, the following is displayed:

Error: Unable to interpret <O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [] File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDriveO4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found> in the current context!
Error: Unable to interpret <O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" File not found> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 03032013_212207

04.03.2013, 18:35   #8
markusg
/// Malware-holic

please once more, copy starting from :OTL
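The failure in posts #7 and #8, as an added example that is not part of the thread and not OTL's own code: a pre-flight check for a pasted fix plus a parser for the rejection messages. It assumes, as the helper's reply implies, that OTL rejects entries that are not preceded by a section directive such as `:OTL`; the function names and finding codes are hypothetical, and the sample lines are abridged from the thread.

```python
import re

# Entry prefixes as they appear in the fix on this page, e.g. "O4 - " or "O3:64bit: - ".
ENTRY = re.compile(r"O\d+(?::64bit:)? - ")
# A user name masked with asterisks inside a path, e.g. C:\Users\***\AppData.
MASKED_USER = re.compile(r"\\\*{3,}\\")
# The rejection message format shown in post #7.
REJECTED = re.compile(r"^Error: Unable to interpret <(.*)> in the current context!$")

# Constructed sample: a few lines abridged from the fix in post #6.
SAMPLE_FIX = r'''
:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDriveO4 - HKCU..\RunOnce: [Uninstall C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
:Commands
[emptytemp]
'''

# The same fix as it would look if the copy started below the ":OTL" line (assumption).
PASTED_WITHOUT_HEADER = SAMPLE_FIX.replace(":OTL\n", "", 1)

# Constructed sample: two rejection lines and the footer from the result in post #7.
SAMPLE_RESULT_LOG = r'''
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.> in the current context!
Error: Unable to interpret <O33 - MountPoints2\E\Shell - "" = AutoRun> in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 03032013_212207
'''


def check_fix_script(text):
    """Return (line_number, code, detail) findings for a fix about to be pasted."""
    findings = []
    section = None  # current ":Section" directive; None until the first one is seen
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line
            continue
        if section is None:
            findings.append((number, "no-section", "line precedes any ':' directive"))
        if len(ENTRY.findall(line)) > 1:
            findings.append((number, "merged-entries", "two entries run together on one line"))
        if MASKED_USER.search(line):
            findings.append((number, "masked-user", "replace the asterisks with the real user name"))
    return findings


def rejected_entries(result_log):
    """Extract the entries that the result log reports as uninterpretable."""
    entries = []
    for raw in result_log.splitlines():
        match = REJECTED.match(raw.strip())
        if match:
            entries.append(match.group(1))
    return entries


if __name__ == "__main__":
    for label, text in (("with :OTL", SAMPLE_FIX), ("without :OTL", PASTED_WITHOUT_HEADER)):
        print(label)
        for number, code, detail in check_fix_script(text):
            print(f"  line {number}: {code}: {detail}")
    print(len(rejected_entries(SAMPLE_RESULT_LOG)), "entries rejected in the result log")
```

The merged `SkyDriveO4 - HKCU` line is flagged in both variants because it is present in the fix as posted, independent of the missing header.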

04.03.2013, 19:04   #9
Lilith2412

Quote:
Quote from markusg
please once more, copy starting from :OTL
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.03.2013 18:41:24 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\SigridScherer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 51,13% Memory free
7,60 Gb Paging File | 5,54 Gb Available in Paging File | 72,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,82 Gb Total Space | 216,93 Gb Free Space | 47,70% Space Free | Partition Type: NTFS
Drive D: | 2,09 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3,72 Gb Total Space | 3,10 Gb Free Space | 83,25% Space Free | Partition Type: FAT32
Drive Q: | 9,77 Gb Total Space | 1,60 Gb Free Space | 16,35% Space Free | Partition Type: NTFS
 
Computer Name: SIGRID | User Name: SigridScherer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\SigridScherer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\SigridScherer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\1&1\1&1 Office-Drive Manager\DAVSRV.EXE (1&1 Internet AG)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica)
PRC - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
PRC - C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE (1&1 Mail & Media GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
PRC - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
PRC - C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Samsung\Samsung CLP-320 Series\SPanel\Spanel.exe ()
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
PRC - c:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
PRC - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files (x86)\ScanSoft\PDF Create 4\PdfCreate4Hook.exe (Nuance Communications, Inc.)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung CLP-320 Series\SPanel\spiomgr.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung CLP-320 Series\SPanel\Spanel.exe ()
MOD - C:\Program Files (x86)\Samsung\Samsung CLP-320 Series\SPanel\SMBalloon.dll ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MOD - C:\Program Files (x86)\Samsung\Samsung CLP-320 Series\SPanel\SecSNMPR.dll ()
MOD - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
MOD - C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PACSPTISVR-Sound_Organizer) -- C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe (Sony Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TGCM_ImportWiFiSvc) -- C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Telefónica)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AcSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo)
SRV - (AcPrfMgrSvc) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)
SRV - (LENOVO.TPKNRSVC) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (Lenovo.VIRTSCRLSVC) -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SUService) -- c:\Program Files (x86)\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AVerScheduleService) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AVerRemote) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Corel Corporation)
DRV:64bit: - (ui11drdr) -- C:\Windows\SysNative\drivers\ui11drdr.SYS (1&1 Internet AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (uigxrdr) -- C:\Windows\SysNative\drivers\uigxrdr.SYS (1&1 Mail & Media GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS ()
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (5U877) -- C:\Windows\SysNative\drivers\5U877.sys (Ricoh co.,Ltd.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV:64bit: - (AVerAF35) -- C:\Windows\SysNative\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\drivers\ss_mdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bus) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\drivers\ss_mdfl.sys (MCCI Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (lenovo.smi) -- C:\Windows\SysNative\drivers\smiifx64.sys (Lenovo Group Limited)
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={CDF0895D-60D1-4B30-9D0B-546E541C1F8D}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=hp&fr=linkury-tb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=64df9976-1bc1-4b0e-a210-3ab7eb3fedc3&searchtype=ds&p={searchTerms}&fr=linkury-tb
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&tt=120812_bandext_3312_2&babsrc=SP_ss&mntrId=96ccceeb0000000000003859f9e11822
IE - HKCU\..\SearchScopes\{1D6C7F22-AA07-474D-8660-4221D0B53CC0}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE457DE457
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=161&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{CB283C2F-736A-44DA-ACDA-76D1C81456B4}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=D29251CD-0ECE-4A86-B446-DD6B17AA46FE&apn_sauid=57E8F7EB-BE46-405A-AE06-8C52A49FDA06
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={CDF0895D-60D1-4B30-9D0B-546E541C1F8D}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..CT2625848.browser.search.defaultthis.engineName: true
FF - prefs.js..CT3241949.browser.search.defaultthis.engineName: true
FF - prefs.js..backup.old.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://search.bearshare.net"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: LX8CTlVhKKEeMCweV%40kvThSnVBDi.com:11
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: toolbar%40gmx.net:2.4
FF - prefs.js..extensions.enabledAddons: %7B0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff%7D:10.14.65.43
FF - prefs.js..extensions.enabledAddons: %7B78e516ef-11de-47a1-8364-a99b917ec5ee%7D:10.14.65.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.99999
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {9acd1def-c5f8-4930-b7e7-4f8ab102ff08}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {e18845dc-387b-4fa5-b6d5-c6cfeb9ea640}:2.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: dealio@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: i0ffxtbr@IObitBar.com:1.1
FF - prefs.js..extensions.enabledItems: toolbar@gmx.net:1.5.4
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.20 22:01:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.02.26 16:19:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.03 15:15:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.09.17 21:21:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.08.14 19:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\Extensions
[2013.02.26 21:03:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\Firefox\Profiles\iit7j8o4.default\extensions
[2013.02.15 08:25:28 | 000,000,000 | ---D | M] (DVDVideoSoftTB DE) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\Firefox\Profiles\iit7j8o4.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2013.02.15 08:25:13 | 000,000,000 | ---D | M] (FileConverter 1.3) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\Firefox\Profiles\iit7j8o4.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}
[2012.07.04 06:12:54 | 000,004,819 | ---- | M] () (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\firefox\profiles\iit7j8o4.default\extensions\LX8CTlVhKKEeMCweV@kvThSnVBDi.com.xpi
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\firefox\profiles\iit7j8o4.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.01.18 11:58:19 | 000,492,222 | ---- | M] () (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\firefox\profiles\iit7j8o4.default\extensions\toolbar@gmx.net.xpi
[2012.12.13 07:32:52 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\firefox\profiles\iit7j8o4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.01.07 17:40:22 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\SigridScherer\AppData\Roaming\mozilla\firefox\profiles\iit7j8o4.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.08.14 19:53:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.03 15:15:14 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.12 08:58:40 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.14 19:16:18 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.17 17:03:28 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.12 08:58:40 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.12 08:58:40 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.14 18:56:46 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012.08.12 08:58:40 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.12 08:58:40 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - homepage: 
CHR - Extension: No name found = C:\Users\SigridScherer\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [ScanSoft OmniPage 16-reminder] C:\Program Files (x86)\ScanSoft\OmniPage16\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [1&1_1&1 Office-Drive Manager] C:\Program Files (x86)\1&1\1&1 Office-Drive Manager\DAVSRV.EXE (1&1 Internet AG)
O4 - HKCU..\Run: [GMX_GMX Upload-Manager] C:\Program Files (x86)\GMX\GMX Upload-Manager\DAVSRV.EXE (1&1 Mail & Media GmbH)
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [OpAgent] "OpAgent.exe" /agent File not found
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SkyDrive] C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found
O4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1" File not found
O4 - Startup: C:\Users\SigridScherer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AstroWorld Today.lnk = C:\Program Files (x86)\AstroWorldSuite\AstroWorld Today\Daily.exe ()
O4 - Startup: C:\Users\SigridScherer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\SigridScherer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\SigridScherer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{500FFCC8-1D4F-4DD7-950F-0E51E2D5860B}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BE9C00B-290E-4919-B501-E303E60479E8}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{725BD730-750F-473A-A359-F491A9B7B9B5}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{768BE31B-0F31-4700-86AE-711D841C23DE}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7330115-0A4D-4424-A714-D91988037F22}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8A1B9CF-338A-405E-9B61-2C6C49DC9320}: NameServer = 193.189.244.206 193.189.244.225
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell - "" = AutoRun
O33 - MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.03 23:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.03 23:55:40 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.03 23:55:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.03 23:50:37 | 000,000,000 | ---D | C] -- C:\Users\SigridScherer\AppData\Local\Programs
[2013.03.03 23:50:28 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\SigridScherer\Desktop\mbam-setup-1.70.0.1100(1).exe
[2013.03.03 23:49:29 | 000,000,000 | ---D | C] -- C:\Users\SigridScherer\AppData\Roaming\File Scout
[2013.03.03 21:22:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.03.03 11:07:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\SigridScherer\Desktop\OTL.exe
[2013.03.02 01:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.02 01:46:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.26 16:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.02.26 16:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.02.09 23:14:41 | 000,000,000 | ---D | C] -- C:\Users\SigridScherer\AppData\Roaming\Free Monitor for Google
[2013.02.09 22:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Monitor for Google
[2013.02.09 22:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Monitor for Google
[2010.05.25 10:36:56 | 002,879,818 | ---- | C] (Ingo H. de Boer                                             ) -- C:\Program Files\WinGeno11.exe
[2 C:\Users\SigridScherer\Desktop\*.tmp files -> C:\Users\SigridScherer\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.04 18:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.04 18:11:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.04 17:30:20 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 17:30:20 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 17:14:40 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.03.04 17:14:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.04 08:11:01 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.04 06:59:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SigridScherer\Desktop\OTL.exe
[2013.03.03 23:55:41 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.03 23:50:09 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\SigridScherer\Desktop\mbam-setup-1.70.0.1100(1).exe
[2013.03.03 23:41:54 | 000,008,871 | ---- | M] () -- C:\Users\SigridScherer\Desktop\downloadget.php
[2013.03.03 22:40:05 | 3061,223,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.03 22:35:45 | 002,434,651 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Diagnose chinesische Medizin.pdf
[2013.03.03 20:05:06 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.03 20:05:06 | 000,654,340 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.03 20:05:06 | 000,616,182 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.03 20:05:06 | 000,130,180 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.03 20:05:06 | 000,106,562 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.03 19:00:00 | 000,133,638 | ---- | M] () -- C:\Users\SigridScherer\Desktop\OTL logfile created on 2.pdf
[2013.03.03 17:35:55 | 484,360,842 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.03 17:14:52 | 079,409,818 | ---- | M] () -- C:\Users\SigridScherer\Documents\Firefox 19.0 (de) - 2013-03-03.pcv
[2013.03.03 16:43:51 | 2261,230,725 | ---- | M] () -- C:\Users\SigridScherer\Documents\Thunderbird 17.0.3 (de) - 2013-03-03.pcv
[2013.03.03 16:26:27 | 000,171,734 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Trojaner 999.pdf
[2013.03.03 16:12:09 | 000,377,856 | ---- | M] () -- C:\Users\SigridScherer\Desktop\gmer_2.1.19115.exe
[2013.03.03 15:46:46 | 000,014,602 | ---- | M] () -- C:\Users\SigridScherer\Desktop\get-mirror-server.html
[2013.03.03 11:43:21 | 000,000,000 | ---- | M] () -- C:\Users\SigridScherer\defogger_reenable
[2013.03.03 11:07:08 | 000,050,477 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Defogger.exe
[2013.02.28 03:20:10 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.02.26 16:19:17 | 000,001,309 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk
[2013.02.26 16:19:17 | 000,001,246 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.22 22:36:10 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013.02.22 12:13:53 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.02.20 22:24:07 | 000,141,856 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Konold Programm.pdf
[2013.02.16 03:18:17 | 000,365,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.15 19:26:49 | 000,383,579 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Gesamtdokument_Modul_1.pdf
[2013.02.10 21:47:11 | 938,986,644 | ---- | M] () -- C:\Users\SigridScherer\Documents\0210210056DVB-T3sat.mpg
[2013.02.09 22:42:47 | 000,001,030 | ---- | M] () -- C:\Users\SigridScherer\Desktop\Free Monitor for Google.lnk
[2013.02.02 22:16:09 | 000,001,067 | ---- | M] () -- C:\Users\SigridScherer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 C:\Users\SigridScherer\Desktop\*.tmp files -> C:\Users\SigridScherer\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.03 23:55:41 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.03 23:41:52 | 000,008,871 | ---- | C] () -- C:\Users\SigridScherer\Desktop\downloadget.php
[2013.03.03 22:35:39 | 002,434,651 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Diagnose chinesische Medizin.pdf
[2013.03.03 18:59:51 | 000,133,638 | ---- | C] () -- C:\Users\SigridScherer\Desktop\OTL logfile created on 2.pdf
[2013.03.03 17:13:37 | 079,409,818 | ---- | C] () -- C:\Users\SigridScherer\Documents\Firefox 19.0 (de) - 2013-03-03.pcv
[2013.03.03 16:34:21 | 2261,230,725 | ---- | C] () -- C:\Users\SigridScherer\Documents\Thunderbird 17.0.3 (de) - 2013-03-03.pcv
[2013.03.03 16:26:17 | 000,171,734 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Trojaner 999.pdf
[2013.03.03 15:56:11 | 000,377,856 | ---- | C] () -- C:\Users\SigridScherer\Desktop\gmer_2.1.19115.exe
[2013.03.03 15:46:45 | 000,014,602 | ---- | C] () -- C:\Users\SigridScherer\Desktop\get-mirror-server.html
[2013.03.03 11:43:21 | 000,000,000 | ---- | C] () -- C:\Users\SigridScherer\defogger_reenable
[2013.03.03 11:07:07 | 000,050,477 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Defogger.exe
[2013.02.26 16:19:17 | 000,001,309 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Download.lnk
[2013.02.26 16:19:17 | 000,001,246 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.20 22:24:06 | 000,141,856 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Konold Programm.pdf
[2013.02.15 19:26:48 | 000,383,579 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Gesamtdokument_Modul_1.pdf
[2013.02.10 21:00:56 | 938,986,644 | ---- | C] () -- C:\Users\SigridScherer\Documents\0210210056DVB-T3sat.mpg
[2013.02.09 22:42:47 | 000,001,030 | ---- | C] () -- C:\Users\SigridScherer\Desktop\Free Monitor for Google.lnk
[2013.01.02 20:02:18 | 000,000,024 | ---- | C] () -- C:\ProgramData\process.inc
[2013.01.02 14:13:08 | 000,103,832 | ---- | C] () -- C:\Users\SigridScherer\GoToAssistDownloadHelper.exe
[2012.12.26 10:56:25 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2012.12.26 10:56:25 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2012.12.26 10:56:16 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2012.12.26 10:56:16 | 000,307,200 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2012.12.26 10:56:16 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2012.12.26 10:56:16 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2012.12.26 10:56:16 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2012.12.26 10:56:16 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2012.12.26 10:56:16 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2012.12.16 13:20:36 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\TXTUSER.EXE
[2012.11.29 11:55:17 | 000,000,080 | ---- | C] () -- C:\Windows\wiso.ini
[2012.11.21 10:37:30 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.08.30 08:05:59 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.08.16 08:59:37 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7420.DAT
[2012.08.16 08:53:01 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.08.16 08:53:01 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.08.10 20:32:46 | 000,000,845 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.08.10 20:32:46 | 000,000,168 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.08.10 20:31:57 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.12.15 18:47:28 | 000,000,019 | ---- | C] () -- C:\Windows\SoundConverter.INI
[2011.11.07 22:14:23 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.11.07 13:48:35 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.09.17 02:50:04 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 17:23:27 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.09.16 17:23:26 | 000,105,408 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011.09.16 17:23:25 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.05.25 10:36:58 | 000,000,733 | ---- | C] () -- C:\Program Files\XnView.lnk
[2010.05.25 10:36:56 | 000,002,001 | ---- | C] () -- C:\Program Files\Ulead Photo Express 4.0 SE.lnk
[2010.05.25 10:36:56 | 000,001,943 | ---- | C] () -- C:\Program Files\Philips GoGear Spark Gere-Manager.lnk
[2010.05.25 10:36:56 | 000,001,848 | ---- | C] () -- C:\Program Files\PHOTOfunSTUDIO -viewer-.lnk
[2010.05.25 10:36:56 | 000,001,791 | ---- | C] () -- C:\Program Files\Toshiba TEMPRO-Meldungen.lnk
[2010.05.25 10:36:56 | 000,000,923 | ---- | C] () -- C:\Program Files\Switch.lnk
[2010.05.25 10:36:56 | 000,000,845 | ---- | C] () -- C:\Program Files\profiSUBMIT.lnk
[2010.05.25 10:36:56 | 000,000,743 | ---- | C] () -- C:\Program Files\WinGeno.lnk
[2010.05.25 10:36:46 | 054,732,488 | ---- | C] () -- C:\Program Files\PDFT20_TB.exe
[2010.05.25 10:36:46 | 000,001,920 | ---- | C] () -- C:\Program Files\Panorama Maker 4.lnk
[2010.05.25 10:36:46 | 000,001,891 | ---- | C] () -- C:\Program Files\PaperPort.lnk
[2010.05.25 10:36:46 | 000,001,009 | ---- | C] () -- C:\Program Files\OpenOffice.org 3.1.lnk
[2010.05.25 10:36:46 | 000,000,978 | ---- | C] () -- C:\Program Files\PDF-Datei umwandeln in... .lnk
[2010.05.25 10:36:46 | 000,000,956 | ---- | C] () -- C:\Program Files\PDF-Datei erstellen .lnk
[2010.05.25 10:36:46 | 000,000,859 | ---- | C] () -- C:\Program Files\pdfsam.lnk
[2010.05.25 10:36:17 | 162,153,104 | ---- | C] () -- C:\Program Files\OOo_3.1.0_Win32Intel_install_wJRE_de.exe
[2010.05.25 10:36:17 | 000,002,115 | ---- | C] () -- C:\Program Files\Media Impression.lnk
[2010.05.25 10:36:17 | 000,002,000 | ---- | C] () -- C:\Program Files\Nokia Software Updater.lnk
[2010.05.25 10:36:17 | 000,001,928 | ---- | C] () -- C:\Program Files\Nokia Ovi Suite.lnk
[2010.05.25 10:36:17 | 000,001,908 | ---- | C] () -- C:\Program Files\Nokia PC Suite.lnk
[2010.05.25 10:36:17 | 000,000,936 | ---- | C] () -- C:\Program Files\MailStore Home.lnk
[2010.05.25 10:36:17 | 000,000,919 | ---- | C] () -- C:\Program Files\MyHeritage Family Tree Builder.lnk
[2010.05.25 10:36:17 | 000,000,815 | ---- | C] () -- C:\Program Files\McAfee Security Scan.lnk
[2010.05.25 10:36:17 | 000,000,738 | ---- | C] () -- C:\Program Files\KaloMa 5.0.lnk
[2010.05.25 10:36:17 | 000,000,709 | ---- | C] () -- C:\Program Files\MAGIX MP3 Maker SE.lnk
[2010.05.25 10:36:17 | 000,000,695 | ---- | C] () -- C:\Program Files\Nvu.lnk
[2010.05.25 10:36:17 | 000,000,104 | ---- | C] () -- C:\Program Files\Microsoft Outlook - Verknüpfung.lnk
[2010.05.25 10:36:17 | 000,000,104 | ---- | C] () -- C:\Program Files\Microsoft Outlook - Verknüpfung (3).lnk
[2010.05.25 10:36:17 | 000,000,104 | ---- | C] () -- C:\Program Files\Microsoft Outlook - Verknüpfung (2).lnk
[2010.05.25 10:36:16 | 000,002,725 | ---- | C] () -- C:\Program Files\Infoalp Pdf Splitter & Merger.lnk
[2010.05.25 10:36:16 | 000,001,746 | ---- | C] () -- C:\Program Files\iMB SLMB 1.0.lnk
[2010.05.25 10:36:16 | 000,000,775 | ---- | C] () -- C:\Program Files\Juice.lnk
[2010.05.25 10:36:15 | 001,226,417 | ---- | C] () -- C:\Program Files\HomepageFIX_sigrid_scherer_19-07-2009_22-22-01.zip
[2010.05.25 10:36:15 | 000,002,078 | ---- | C] () -- C:\Program Files\Google Earth.lnk
[2010.05.25 10:36:15 | 000,001,976 | ---- | C] () -- C:\Program Files\Google Chrome.lnk
[2010.05.25 10:36:15 | 000,001,892 | ---- | C] () -- C:\Program Files\Adobe Reader 9.lnk
[2010.05.25 10:36:15 | 000,001,887 | ---- | C] () -- C:\Program Files\Adobe Reader 8.lnk
[2010.05.25 10:36:15 | 000,001,790 | ---- | C] () -- C:\Program Files\Chandler.lnk
[2010.05.25 10:36:15 | 000,001,675 | ---- | C] () -- C:\Program Files\CCleaner.lnk
[2010.05.25 10:36:15 | 000,001,461 | ---- | C] () -- C:\Program Files\AstroStar Profi 4.0.lnk
[2010.05.25 10:36:15 | 000,001,023 | ---- | C] () -- C:\Program Files\Foxit Reader.lnk
[2010.05.25 10:36:15 | 000,001,020 | ---- | C] () -- C:\Program Files\ElsterFormular 2008-2009.lnk
[2010.05.25 10:36:15 | 000,000,948 | ---- | C] () -- C:\Program Files\GMX Upload-Manager.lnk
[2010.05.25 10:36:15 | 000,000,822 | ---- | C] () -- C:\Program Files\Digitale Bibliothek 4.lnk
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.07 09:28:30 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\1&1
[2012.08.14 19:16:13 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Babylon
[2012.08.28 21:30:14 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\BrowserCompanion
[2012.11.29 12:21:11 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Buhl Data Service
[2011.12.13 20:14:09 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
[2012.08.14 19:07:48 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\convert
[2013.03.04 17:14:24 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Dropbox
[2013.02.26 16:19:09 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\DVDVideoSoft
[2013.02.26 16:19:20 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.15 09:38:09 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\elsterformular
[2013.03.03 23:49:29 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\File Scout
[2013.01.17 23:14:50 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\FileZilla
[2013.02.10 10:54:46 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Free Monitor for Google
[2011.11.09 05:49:49 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\GMX
[2012.11.10 10:58:26 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\ICAClient
[2012.08.11 12:22:15 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\IN-MEDIAKG
[2012.09.20 20:47:28 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\InterVideo
[2011.11.07 13:21:58 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Leadertech
[2011.11.07 22:11:27 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\LibreOffice
[2012.08.14 19:22:27 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\loadtbs
[2013.01.02 20:04:52 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\mresreg
[2012.09.17 21:20:46 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Nokia
[2013.01.02 12:40:51 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Notepad++
[2013.02.26 16:19:09 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\OpenCandy
[2011.11.24 20:06:30 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\OpenOffice.org
[2012.02.01 19:43:39 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\PC Suite
[2012.11.22 10:27:40 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\PC-FAX TX
[2011.11.18 16:48:27 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\PCDr
[2012.12.30 21:02:14 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\PerformerSoft
[2012.12.28 18:22:39 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\PhotoScape
[2012.08.30 09:59:14 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\ScanSoft
[2011.11.07 21:39:18 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\TeamViewer
[2011.12.16 15:05:27 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Telefónica
[2012.08.11 15:37:03 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\TGCMLog
[2011.11.07 13:43:15 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Thunderbird
[2012.10.16 13:12:24 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\TuneUp Software
[2012.08.30 08:44:22 | 000,000,000 | ---D | M] -- C:\Users\SigridScherer\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.08.11 08:50:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.02.15 10:42:43 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.12.16 13:36:50 | 000,000,000 | ---D | M] -- C:\Brother
[2013.03.03 17:35:52 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.11.07 13:17:23 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.11.19 12:07:03 | 000,000,000 | ---D | M] -- C:\HDW40_TMP
[2011.09.16 17:23:30 | 000,000,000 | ---D | M] -- C:\Intel
[2011.09.17 02:40:07 | 000,000,000 | ---D | M] -- C:\mfg
[2012.08.29 20:12:03 | 000,000,000 | ---D | M] -- C:\OP16ProSP1
[2012.12.16 13:20:37 | 000,000,000 | ---D | M] -- C:\pc-bib
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.21 22:13:43 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.03.03 23:55:39 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.22 22:36:10 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.11.07 13:17:23 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.01.10 15:55:14 | 000,000,000 | -H-D | M] -- C:\SkyDriveTemp
[2011.11.07 13:21:08 | 000,000,000 | ---D | M] -- C:\swshare
[2011.11.07 13:21:12 | 000,000,000 | ---D | M] -- C:\SWTOOLS
[2013.03.04 18:45:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.10 20:30:18 | 000,000,000 | R--D | M] -- C:\Users
[2013.03.03 17:35:55 | 000,000,000 | ---D | M] -- C:\Windows
[2013.03.03 21:22:07 | 000,000,000 | ---D | M] -- C:\_OTL
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,616 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.11.07 13:17:40 | 000,000,466 | ---- | C] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2011.11.07 13:17:41 | 000,000,528 | ---- | C] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.08.11 08:47:45 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.28 18:12:50 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.28 18:12:58 | 000,001,124 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2011.11.28 13:32:42 | 000,036,352 | ---- | M] (Panasonic Corporation) MD5=13AC953457F078435DF6CBB5ED46F4EC -- C:\Program Files (x86)\Panasonic\HD Writer AE 4.0\Core\EventLog\EventLog.dll
[2011.11.28 13:32:42 | 000,036,352 | ---- | M] (Panasonic Corporation) MD5=13AC953457F078435DF6CBB5ED46F4EC -- C:\Program Files (x86)\Panasonic\HD Writer AE 4.0\Core\Spec\AVCHD\BDCore\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.09.17 03:03:13 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.09.17 03:03:13 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.09.17 03:03:13 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.09.17 03:03:13 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.09.17 03:03:13 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.09.17 03:03:13 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2010.01.15 21:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\SWTOOLS\DRIVERS\IMSM\iaStor.sys
[2010.01.15 21:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.01.15 21:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_5d42c6448888c5bd\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.09.17 03:05:28 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.09.17 03:05:28 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.09.17 03:05:28 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.09.17 03:05:28 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.09.17 03:05:28 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.09.17 03:05:28 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.09.17 03:05:28 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.09.17 03:05:28 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
< %USERPROFILE%\*.* >
[2013.03.03 11:43:21 | 000,000,000 | ---- | M] () -- C:\Users\SigridScherer\defogger_reenable
[2013.01.02 14:13:09 | 000,103,832 | ---- | M] () -- C:\Users\SigridScherer\GoToAssistDownloadHelper.exe
[2013.03.04 18:43:26 | 005,242,880 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat
[2013.03.04 18:43:26 | 000,262,144 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat.LOG1
[2011.11.07 13:17:27 | 000,000,000 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat.LOG2
[2011.11.07 14:13:00 | 000,065,536 | -HS- | M] () -- C:\Users\SigridScherer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.11.07 14:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\SigridScherer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.11.07 14:13:00 | 000,524,288 | -HS- | M] () -- C:\Users\SigridScherer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.05.01 18:22:48 | 000,065,536 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat{eccba8c6-93ae-11e1-8d71-e89a8fd0b317}.TM.blf
[2012.05.01 18:22:48 | 000,524,288 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat{eccba8c6-93ae-11e1-8d71-e89a8fd0b317}.TMContainer00000000000000000001.regtrans-ms
[2012.05.01 18:22:48 | 000,524,288 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.dat{eccba8c6-93ae-11e1-8d71-e89a8fd0b317}.TMContainer00000000000000000002.regtrans-ms
[2011.11.07 13:17:27 | 000,000,020 | -HS- | M] () -- C:\Users\SigridScherer\ntuser.ini
[2012.08.16 08:23:21 | 000,000,000 | ---- | M] () -- C:\Users\SigridScherer\Sti_Trace.log
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1097 bytes -> C:\Users\SigridScherer\Desktop\Ihr Eintrag wurde vorlaeufig im Therapeuten-Netzwerk aufgenommen.eml:OECustomProperty

< End of report >
         
--- --- ---

04.03.2013, 19:21   #10
markusg
/// Malware-holic

You should run the fix again.

04.03.2013, 19:43   #11
Lilith2412

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{DFEFCDEE-CF1A-4FC8-88AD-129872198372} not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{DFEFCDEE-CF1A-4FC8-88AD-129872198372} not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWMTRV not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OpAgent not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDriveO4 - HKCU..\RunOnce: [Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\SigridScherer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1 deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft &Excel exportieren\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft &Excel exportieren\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{091cc397-e07e-11e0-b19a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{091cc397-e07e-11e0-b19a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{091cc397-e07e-11e0-b19a-806e6f6e6963}\ not found.
File Q:\LenovoQDrive.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1dffa550-510f-11e2-8a15-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5f0b372e-1afa-11e2-8479-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70f57da0-0743-11e2-878a-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70f57da0-0743-11e2-878a-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70f57da0-0743-11e2-878a-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{826c83c7-ea6a-11e1-8c83-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f6ff1-27de-11e1-be69-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f6ffe-27de-11e1-be69-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f700b-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f700b-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f700b-27de-11e1-be69-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f7029-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932f7029-27de-11e1-be69-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{932f7029-27de-11e1-be69-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa36faa2-00e0-11e2-9aa1-e89a8fd0b317}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\LaunchU3.exe -a not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: SigridScherer
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1425542 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 4169111 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 1153564635 bytes

Total Files Cleaned = 1.105,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03042013_193623

Files\Folders moved on Reboot...
File\Folder C:\Users\SigridScherer\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

04.03.2013, 20:41   #12
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.

04.03.2013, 21:33   #13
Lilith2412

Quote:
Originally posted by markusg
Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.
21:31:05.0538 6360 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:31:05.0550 6360 ============================================================
21:31:05.0550 6360 Current date / time: 2013/03/04 21:31:05.0550
21:31:05.0550 6360 SystemInfo:
21:31:05.0550 6360
21:31:05.0550 6360 OS Version: 6.1.7601 ServicePack: 1.0
21:31:05.0550 6360 Product type: Workstation
21:31:05.0550 6360 ComputerName: SIGRID
21:31:05.0550 6360 UserName: SigridScherer
21:31:05.0550 6360 Windows directory: C:\Windows
21:31:05.0550 6360 System windows directory: C:\Windows
21:31:05.0550 6360 Running under WOW64
21:31:05.0550 6360 Processor architecture: Intel x64
21:31:05.0550 6360 Number of processors: 4
21:31:05.0550 6360 Page size: 0x1000
21:31:05.0550 6360 Boot type: Normal boot
21:31:05.0550 6360 ============================================================
21:31:06.0016 6360 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:31:06.0021 6360 Drive \Device\Harddisk1\DR1 - Size: 0xEE2B7E00 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:31:06.0030 6360 ============================================================
21:31:06.0030 6360 \Device\Harddisk0\DR0:
21:31:06.0031 6360 MBR partitions:
21:31:06.0031 6360 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
21:31:06.0031 6360 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x38DA4FF8
21:31:06.0031 6360 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38FFD800, BlocksNum 0x1388000
21:31:06.0031 6360 \Device\Harddisk1\DR1:
21:31:06.0032 6360 MBR partitions:
21:31:06.0032 6360 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0x77157F
21:31:06.0032 6360 ============================================================
21:31:06.0055 6360 C: <-> \Device\Harddisk0\DR0\Partition2
21:31:06.0119 6360 Q: <-> \Device\Harddisk0\DR0\Partition3
21:31:06.0119 6360 ============================================================
21:31:06.0119 6360 Initialize success
21:31:06.0119 6360 ============================================================
21:31:07.0526 5868 ============================================================
21:31:07.0526 5868 Scan started
21:31:07.0526 5868 Mode: Manual;
21:31:07.0526 5868 ============================================================
21:31:07.0792 5868 ================ Scan system memory ========================
21:31:07.0792 5868 System memory - ok
21:31:07.0792 5868 ================ Scan services =============================
21:31:07.0929 5868 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:31:07.0931 5868 1394ohci - ok
21:31:07.0976 5868 [ 0FC813D822BFC06169CE4E0D00669021 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
21:31:07.0977 5868 5U877 - ok
21:31:07.0998 5868 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:31:08.0000 5868 ACPI - ok
21:31:08.0014 5868 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:31:08.0015 5868 AcpiPmi - ok
21:31:08.0144 5868 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
21:31:08.0146 5868 AcPrfMgrSvc - ok
21:31:08.0163 5868 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
21:31:08.0165 5868 AcSvc - ok
21:31:08.0276 5868 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:31:08.0277 5868 AdobeARMservice - ok
21:31:08.0409 5868 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:31:08.0413 5868 AdobeFlashPlayerUpdateSvc - ok
21:31:08.0454 5868 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:31:08.0459 5868 adp94xx - ok
21:31:08.0508 5868 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:31:08.0510 5868 adpahci - ok
21:31:08.0527 5868 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:31:08.0529 5868 adpu320 - ok
21:31:08.0557 5868 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:31:08.0558 5868 AeLookupSvc - ok
21:31:08.0604 5868 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:31:08.0608 5868 AFD - ok
21:31:08.0639 5868 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:31:08.0640 5868 agp440 - ok
21:31:08.0664 5868 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:31:08.0665 5868 ALG - ok
21:31:08.0696 5868 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:31:08.0697 5868 aliide - ok
21:31:08.0707 5868 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:31:08.0707 5868 amdide - ok
21:31:08.0725 5868 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:31:08.0726 5868 AmdK8 - ok
21:31:08.0742 5868 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:31:08.0743 5868 AmdPPM - ok
21:31:08.0761 5868 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:31:08.0763 5868 amdsata - ok
21:31:08.0795 5868 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:31:08.0797 5868 amdsbs - ok
21:31:08.0812 5868 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:31:08.0813 5868 amdxata - ok
21:31:08.0889 5868 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:31:08.0890 5868 AntiVirSchedulerService - ok
21:31:08.0910 5868 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:31:08.0912 5868 AntiVirService - ok
21:31:08.0963 5868 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:31:08.0964 5868 AppID - ok
21:31:08.0995 5868 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:31:08.0996 5868 AppIDSvc - ok
21:31:09.0015 5868 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:31:09.0016 5868 Appinfo - ok
21:31:09.0100 5868 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:31:09.0101 5868 Apple Mobile Device - ok
21:31:09.0134 5868 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:31:09.0135 5868 arc - ok
21:31:09.0150 5868 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:31:09.0151 5868 arcsas - ok
21:31:09.0175 5868 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:31:09.0175 5868 AsyncMac - ok
21:31:09.0200 5868 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:31:09.0201 5868 atapi - ok
21:31:09.0243 5868 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:31:09.0248 5868 AudioEndpointBuilder - ok
21:31:09.0275 5868 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:31:09.0281 5868 AudioSrv - ok
21:31:09.0338 5868 [ F0FC8614A0200F0DFEF70FEA581CB84E ] AVerAF35 C:\Windows\system32\Drivers\AVerAF35.sys
21:31:09.0342 5868 AVerAF35 - ok
21:31:09.0411 5868 [ A33C07F7527FC4CBC664C3137EB7D744 ] AVerRemote C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
21:31:09.0413 5868 AVerRemote - ok
21:31:09.0441 5868 [ 9AEBB2D487D9BF4C0F354899D842EDD0 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
21:31:09.0443 5868 AVerScheduleService - ok
21:31:09.0455 5868 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:31:09.0456 5868 avgntflt - ok
21:31:09.0507 5868 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:31:09.0508 5868 avipbb - ok
21:31:09.0520 5868 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:31:09.0520 5868 avkmgr - ok
21:31:09.0578 5868 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:31:09.0579 5868 AxInstSV - ok
21:31:09.0619 5868 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:31:09.0621 5868 b06bdrv - ok
21:31:09.0673 5868 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:31:09.0675 5868 b57nd60a - ok
21:31:09.0710 5868 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:31:09.0711 5868 BDESVC - ok
21:31:09.0725 5868 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:31:09.0725 5868 Beep - ok
21:31:09.0771 5868 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:31:09.0776 5868 BFE - ok
21:31:09.0807 5868 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:31:09.0813 5868 BITS - ok
21:31:09.0843 5868 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:31:09.0843 5868 blbdrive - ok
21:31:09.0894 5868 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:31:09.0895 5868 bowser - ok
21:31:09.0926 5868 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:31:09.0926 5868 BrFiltLo - ok
21:31:09.0938 5868 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:31:09.0938 5868 BrFiltUp - ok
21:31:09.0983 5868 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:31:09.0984 5868 Browser - ok
21:31:10.0022 5868 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\system32\DRIVERS\BrSerId.sys
21:31:10.0024 5868 Brserid - ok
21:31:10.0039 5868 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:31:10.0040 5868 BrSerWdm - ok
21:31:10.0068 5868 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:31:10.0069 5868 BrUsbMdm - ok
21:31:10.0101 5868 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
21:31:10.0102 5868 BrUsbSer - ok
21:31:10.0177 5868 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
21:31:10.0181 5868 BrYNSvc - ok
21:31:10.0239 5868 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:31:10.0239 5868 BthEnum - ok
21:31:10.0274 5868 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:31:10.0275 5868 BTHMODEM - ok
21:31:10.0309 5868 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:31:10.0310 5868 BthPan - ok
21:31:10.0370 5868 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:31:10.0377 5868 BTHPORT - ok
21:31:10.0409 5868 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:31:10.0410 5868 bthserv - ok
21:31:10.0455 5868 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:31:10.0456 5868 BTHUSB - ok
21:31:10.0497 5868 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
21:31:10.0498 5868 btusbflt - ok
21:31:10.0512 5868 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:31:10.0513 5868 btwaudio - ok
21:31:10.0547 5868 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:31:10.0549 5868 btwavdt - ok
21:31:10.0633 5868 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
21:31:10.0646 5868 btwdins - ok
21:31:10.0666 5868 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:31:10.0666 5868 btwl2cap - ok
21:31:10.0698 5868 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:31:10.0698 5868 btwrchid - ok
21:31:10.0714 5868 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:31:10.0714 5868 cdfs - ok
21:31:10.0755 5868 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:31:10.0757 5868 cdrom - ok
21:31:10.0784 5868 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:31:10.0785 5868 CertPropSvc - ok
21:31:10.0825 5868 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:31:10.0826 5868 circlass - ok
21:31:10.0847 5868 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:31:10.0851 5868 CLFS - ok
21:31:10.0939 5868 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:31:10.0940 5868 clr_optimization_v2.0.50727_32 - ok
21:31:10.0990 5868 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:31:10.0992 5868 clr_optimization_v2.0.50727_64 - ok
21:31:11.0050 5868 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:31:11.0052 5868 clr_optimization_v4.0.30319_32 - ok
21:31:11.0125 5868 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:31:11.0126 5868 clr_optimization_v4.0.30319_64 - ok
21:31:11.0164 5868 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:31:11.0164 5868 CmBatt - ok
21:31:11.0185 5868 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:31:11.0185 5868 cmdide - ok
21:31:11.0239 5868 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:31:11.0242 5868 CNG - ok
21:31:11.0262 5868 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:31:11.0262 5868 Compbatt - ok
21:31:11.0301 5868 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:31:11.0302 5868 CompositeBus - ok
21:31:11.0320 5868 COMSysApp - ok
21:31:11.0343 5868 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:31:11.0343 5868 crcdisk - ok
21:31:11.0393 5868 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:31:11.0395 5868 CryptSvc - ok
21:31:11.0437 5868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:31:11.0442 5868 DcomLaunch - ok
21:31:11.0472 5868 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:31:11.0475 5868 defragsvc - ok
21:31:11.0497 5868 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:31:11.0498 5868 DfsC - ok
21:31:11.0530 5868 DgiVecp - ok
21:31:11.0552 5868 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:31:11.0555 5868 Dhcp - ok
21:31:11.0581 5868 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:31:11.0582 5868 discache - ok
21:31:11.0616 5868 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:31:11.0617 5868 Disk - ok
21:31:11.0642 5868 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:31:11.0644 5868 Dnscache - ok
21:31:11.0678 5868 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:31:11.0680 5868 dot3svc - ok
21:31:11.0695 5868 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:31:11.0697 5868 DPS - ok
21:31:11.0724 5868 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:31:11.0724 5868 drmkaud - ok
21:31:11.0759 5868 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:31:11.0767 5868 DXGKrnl - ok
21:31:11.0798 5868 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:31:11.0800 5868 EapHost - ok
21:31:11.0893 5868 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:31:11.0915 5868 ebdrv - ok
21:31:11.0945 5868 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:31:11.0946 5868 EFS - ok
21:31:12.0005 5868 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:31:12.0013 5868 ehRecvr - ok
21:31:12.0026 5868 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:31:12.0028 5868 ehSched - ok
21:31:12.0077 5868 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:31:12.0083 5868 elxstor - ok
21:31:12.0108 5868 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:31:12.0110 5868 ErrDev - ok
21:31:12.0155 5868 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:31:12.0159 5868 EventSystem - ok
21:31:12.0208 5868 [ CA2E486FE6212FFD5FD171AC1A0B17BE ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
21:31:12.0215 5868 ewusbmbb - ok
21:31:12.0258 5868 ewusbnet - ok
21:31:12.0301 5868 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
21:31:12.0304 5868 ew_hwusbdev - ok
21:31:12.0343 5868 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:31:12.0348 5868 exfat - ok
21:31:12.0375 5868 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:31:12.0386 5868 fastfat - ok
21:31:12.0440 5868 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:31:12.0446 5868 Fax - ok
21:31:12.0465 5868 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:31:12.0467 5868 fdc - ok
21:31:12.0496 5868 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:31:12.0497 5868 fdPHost - ok
21:31:12.0514 5868 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:31:12.0515 5868 FDResPub - ok
21:31:12.0541 5868 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:31:12.0543 5868 FileInfo - ok
21:31:12.0557 5868 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:31:12.0559 5868 Filetrace - ok
21:31:12.0585 5868 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:31:12.0587 5868 flpydisk - ok
21:31:12.0603 5868 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:31:12.0608 5868 FltMgr - ok
21:31:12.0685 5868 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:31:12.0702 5868 FontCache - ok
21:31:12.0794 5868 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:31:12.0796 5868 FontCache3.0.0.0 - ok
21:31:12.0825 5868 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:31:12.0828 5868 FsDepends - ok
21:31:12.0853 5868 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:31:12.0856 5868 Fs_Rec - ok
21:31:12.0884 5868 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:31:12.0889 5868 fvevol - ok
21:31:12.0922 5868 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:31:12.0925 5868 gagp30kx - ok
21:31:12.0967 5868 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:31:12.0970 5868 GEARAspiWDM - ok
21:31:13.0014 5868 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:31:13.0024 5868 gpsvc - ok
21:31:13.0108 5868 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:31:13.0109 5868 gupdate - ok
21:31:13.0118 5868 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:31:13.0120 5868 gupdatem - ok
21:31:13.0155 5868 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:31:13.0157 5868 hcw85cir - ok
21:31:13.0188 5868 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:31:13.0195 5868 HdAudAddService - ok
21:31:13.0224 5868 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:31:13.0227 5868 HDAudBus - ok
21:31:13.0254 5868 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:31:13.0257 5868 HECIx64 - ok
21:31:13.0277 5868 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:31:13.0279 5868 HidBatt - ok
21:31:13.0301 5868 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:31:13.0304 5868 HidBth - ok
21:31:13.0335 5868 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:31:13.0337 5868 HidIr - ok
21:31:13.0356 5868 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:31:13.0357 5868 hidserv - ok
21:31:13.0397 5868 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:31:13.0399 5868 HidUsb - ok
21:31:13.0419 5868 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:31:13.0421 5868 hkmsvc - ok
21:31:13.0443 5868 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:31:13.0446 5868 HomeGroupListener - ok
21:31:13.0477 5868 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:31:13.0483 5868 HomeGroupProvider - ok
21:31:13.0506 5868 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:31:13.0509 5868 HpSAMD - ok
21:31:13.0550 5868 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:31:13.0573 5868 HTTP - ok
21:31:13.0610 5868 [ 1642C62F1FD5E1FF44608283994A7BB8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
21:31:13.0613 5868 huawei_enumerator - ok
21:31:13.0639 5868 [ 4B80AF36EE9F31361C1DCB2EE563719A ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:31:13.0644 5868 hwdatacard - ok
21:31:13.0657 5868 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:31:13.0657 5868 hwpolicy - ok
21:31:13.0697 5868 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:31:13.0700 5868 i8042prt - ok
21:31:13.0735 5868 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:31:13.0740 5868 iaStor - ok
21:31:13.0781 5868 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:31:13.0789 5868 iaStorV - ok
21:31:13.0815 5868 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:31:13.0817 5868 IBMPMDRV - ok
21:31:13.0828 5868 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
21:31:13.0831 5868 IBMPMSVC - ok
21:31:13.0866 5868 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:31:13.0889 5868 idsvc - ok
21:31:14.0138 5868 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:31:14.0373 5868 igfx - ok
21:31:14.0406 5868 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:31:14.0408 5868 iirsp - ok
21:31:14.0450 5868 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:31:14.0455 5868 IKEEXT - ok
21:31:14.0492 5868 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
21:31:14.0496 5868 Impcd - ok
21:31:14.0597 5868 [ 1C11E5D258BC374E7FBD598D75E49B75 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:31:14.0672 5868 IntcAzAudAddService - ok
21:31:14.0728 5868 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:31:14.0734 5868 IntcDAud - ok
21:31:14.0761 5868 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:31:14.0763 5868 intelide - ok
21:31:14.0800 5868 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:31:14.0801 5868 intelppm - ok
21:31:14.0839 5868 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:31:14.0843 5868 IPBusEnum - ok
21:31:14.0875 5868 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:31:14.0878 5868 IpFilterDriver - ok
21:31:14.0927 5868 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:31:14.0936 5868 iphlpsvc - ok
21:31:14.0961 5868 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:31:14.0964 5868 IPMIDRV - ok
21:31:14.0984 5868 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:31:14.0986 5868 IPNAT - ok
21:31:15.0052 5868 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:31:15.0075 5868 iPod Service - ok
21:31:15.0102 5868 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:31:15.0105 5868 IRENUM - ok
21:31:15.0133 5868 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:31:15.0136 5868 isapnp - ok
21:31:15.0160 5868 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:31:15.0166 5868 iScsiPrt - ok
21:31:15.0198 5868 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
21:31:15.0200 5868 IviRegMgr - ok
21:31:15.0217 5868 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:31:15.0220 5868 kbdclass - ok
21:31:15.0252 5868 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:31:15.0254 5868 kbdhid - ok
21:31:15.0279 5868 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:31:15.0281 5868 KeyIso - ok
21:31:15.0318 5868 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:31:15.0321 5868 KSecDD - ok
21:31:15.0344 5868 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:31:15.0348 5868 KSecPkg - ok
21:31:15.0392 5868 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:31:15.0394 5868 ksthunk - ok
21:31:15.0417 5868 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:31:15.0425 5868 KtmRm - ok
21:31:15.0468 5868 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:31:15.0474 5868 LanmanServer - ok
21:31:15.0492 5868 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:31:15.0498 5868 LanmanWorkstation - ok
21:31:15.0552 5868 [ 8B5EB24FCE3926128138B769D50CEE1B ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:31:15.0554 5868 LENOVO.CAMMUTE - ok
21:31:15.0589 5868 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:31:15.0591 5868 LENOVO.MICMUTE - ok
21:31:15.0601 5868 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
21:31:15.0604 5868 lenovo.smi - ok
21:31:15.0621 5868 [ F1A055E1381528E947CDB959117B67D0 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:31:15.0623 5868 LENOVO.TPKNRSVC - ok
21:31:15.0637 5868 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:31:15.0639 5868 Lenovo.VIRTSCRLSVC - ok
21:31:15.0671 5868 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:31:15.0673 5868 lltdio - ok
21:31:15.0690 5868 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:31:15.0697 5868 lltdsvc - ok
21:31:15.0725 5868 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:31:15.0726 5868 lmhosts - ok
21:31:15.0780 5868 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:31:15.0785 5868 LMS - ok
21:31:15.0821 5868 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:31:15.0825 5868 LSI_FC - ok
21:31:15.0858 5868 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:31:15.0861 5868 LSI_SAS - ok
21:31:15.0872 5868 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:31:15.0875 5868 LSI_SAS2 - ok
21:31:15.0892 5868 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:31:15.0895 5868 LSI_SCSI - ok
21:31:15.0927 5868 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:31:15.0930 5868 luafv - ok
21:31:15.0989 5868 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:31:15.0990 5868 MBAMProtector - ok
21:31:16.0082 5868 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:31:16.0091 5868 MBAMScheduler - ok
21:31:16.0164 5868 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:31:16.0176 5868 MBAMService - ok
21:31:16.0212 5868 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:31:16.0216 5868 Mcx2Svc - ok
21:31:16.0239 5868 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:31:16.0241 5868 megasas - ok
21:31:16.0259 5868 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:31:16.0266 5868 MegaSR - ok
21:31:16.0283 5868 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:31:16.0285 5868 MMCSS - ok
21:31:16.0306 5868 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:31:16.0308 5868 Modem - ok
21:31:16.0334 5868 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:31:16.0334 5868 monitor - ok
21:31:16.0378 5868 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:31:16.0380 5868 mouclass - ok
21:31:16.0411 5868 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:31:16.0413 5868 mouhid - ok
21:31:16.0445 5868 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:31:16.0467 5868 mountmgr - ok
21:31:16.0489 5868 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:31:16.0494 5868 mpio - ok
21:31:16.0518 5868 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:31:16.0525 5868 mpsdrv - ok
21:31:16.0566 5868 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:31:16.0573 5868 MpsSvc - ok
21:31:16.0597 5868 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:31:16.0601 5868 MRxDAV - ok
21:31:16.0628 5868 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:31:16.0631 5868 mrxsmb - ok
21:31:16.0665 5868 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:31:16.0670 5868 mrxsmb10 - ok
21:31:16.0683 5868 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:31:16.0685 5868 mrxsmb20 - ok
21:31:16.0711 5868 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:31:16.0712 5868 msahci - ok
21:31:16.0731 5868 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:31:16.0735 5868 msdsm - ok
21:31:16.0760 5868 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:31:16.0765 5868 MSDTC - ok
21:31:16.0781 5868 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:31:16.0782 5868 Msfs - ok
21:31:16.0787 5868 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:31:16.0789 5868 mshidkmdf - ok
21:31:16.0799 5868 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:31:16.0800 5868 msisadrv - ok
21:31:16.0829 5868 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:31:16.0833 5868 MSiSCSI - ok
21:31:16.0839 5868 msiserver - ok
21:31:16.0857 5868 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:31:16.0859 5868 MSKSSRV - ok
21:31:16.0880 5868 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:31:16.0882 5868 MSPCLOCK - ok
21:31:16.0893 5868 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:31:16.0895 5868 MSPQM - ok
21:31:16.0917 5868 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:31:16.0923 5868 MsRPC - ok
21:31:16.0943 5868 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:31:16.0943 5868 mssmbios - ok
21:31:16.0964 5868 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:31:16.0966 5868 MSTEE - ok
21:31:16.0981 5868 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:31:16.0983 5868 MTConfig - ok
21:31:16.0997 5868 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:31:16.0998 5868 Mup - ok
21:31:17.0032 5868 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:31:17.0040 5868 napagent - ok
21:31:17.0075 5868 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:31:17.0081 5868 NativeWifiP - ok
21:31:17.0145 5868 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:31:17.0178 5868 NDIS - ok
21:31:17.0224 5868 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:31:17.0227 5868 NdisCap - ok
21:31:17.0249 5868 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:31:17.0251 5868 NdisTapi - ok
21:31:17.0300 5868 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:31:17.0304 5868 Ndisuio - ok
21:31:17.0328 5868 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:31:17.0333 5868 NdisWan - ok
21:31:17.0361 5868 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:31:17.0364 5868 NDProxy - ok
21:31:17.0386 5868 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:31:17.0386 5868 NetBIOS - ok
21:31:17.0409 5868 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:31:17.0414 5868 NetBT - ok
21:31:17.0426 5868 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:31:17.0427 5868 Netlogon - ok
21:31:17.0457 5868 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:31:17.0460 5868 Netman - ok
21:31:26.0908 5868 ============================================================
21:31:26.0908 5868 Scan finished
21:31:26.0908 5868 ============================================================
21:31:26.0925 6600 Detected object count: 0
21:31:26.0925 6600 Actual detected object count: 0

04.03.2013, 21:34   #14
markusg
/// Malware-holic
 
Please read the instructions again, configure TDSSKiller correctly and run it, then post the log.
And please don't keep quoting the entire posts all the time, that is unnecessary.

04.03.2013, 21:56   #15
Lilith2412
 
21:50:04.0452 6652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:50:04.0609 6652 ============================================================
21:50:04.0609 6652 Current date / time: 2013/03/04 21:50:04.0609
21:50:04.0609 6652 SystemInfo:
21:50:04.0609 6652
21:50:04.0609 6652 OS Version: 6.1.7601 ServicePack: 1.0
21:50:04.0609 6652 Product type: Workstation
21:50:04.0609 6652 ComputerName: SIGRID
21:50:04.0609 6652 UserName: SigridScherer
21:50:04.0609 6652 Windows directory: C:\Windows
21:50:04.0609 6652 System windows directory: C:\Windows
21:50:04.0609 6652 Running under WOW64
21:50:04.0609 6652 Processor architecture: Intel x64
21:50:04.0609 6652 Number of processors: 4
21:50:04.0609 6652 Page size: 0x1000
21:50:04.0609 6652 Boot type: Normal boot
21:50:04.0609 6652 ============================================================
21:50:05.0300 6652 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:05.0305 6652 Drive \Device\Harddisk1\DR1 - Size: 0xEE2B7E00 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:50:05.0313 6652 ============================================================
21:50:05.0313 6652 \Device\Harddisk0\DR0:
21:50:05.0313 6652 MBR partitions:
21:50:05.0313 6652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
21:50:05.0313 6652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x38DA4FF8
21:50:05.0313 6652 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38FFD800, BlocksNum 0x1388000
21:50:05.0313 6652 \Device\Harddisk1\DR1:
21:50:05.0314 6652 MBR partitions:
21:50:05.0315 6652 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0x77157F
21:50:05.0315 6652 ============================================================
21:50:05.0353 6652 C: <-> \Device\Harddisk0\DR0\Partition2
21:50:05.0414 6652 Q: <-> \Device\Harddisk0\DR0\Partition3
21:50:05.0414 6652 ============================================================
21:50:05.0415 6652 Initialize success
21:50:05.0415 6652 ============================================================
21:51:06.0881 5240 ============================================================
21:51:06.0881 5240 Scan started
21:51:06.0881 5240 Mode: Manual; SigCheck; TDLFS;
21:51:06.0881 5240 ============================================================
21:51:07.0265 5240 ================ Scan system memory ========================
21:51:07.0265 5240 System memory - ok
21:51:07.0266 5240 ================ Scan services =============================
21:51:07.0479 5240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:51:07.0550 5240 1394ohci - ok
21:51:07.0637 5240 [ 0FC813D822BFC06169CE4E0D00669021 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
21:51:07.0721 5240 5U877 - ok
21:51:07.0757 5240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:51:07.0776 5240 ACPI - ok
21:51:07.0806 5240 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:51:07.0840 5240 AcpiPmi - ok
21:51:07.0960 5240 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
21:51:07.0984 5240 AcPrfMgrSvc - ok
21:51:08.0033 5240 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
21:51:08.0052 5240 AcSvc - ok
21:51:08.0157 5240 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:51:08.0172 5240 AdobeARMservice - ok
21:51:08.0300 5240 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:51:08.0312 5240 AdobeFlashPlayerUpdateSvc - ok
21:51:08.0355 5240 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:51:08.0378 5240 adp94xx - ok
21:51:08.0420 5240 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:51:08.0441 5240 adpahci - ok
21:51:08.0462 5240 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:51:08.0480 5240 adpu320 - ok
21:51:08.0503 5240 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:51:08.0574 5240 AeLookupSvc - ok
21:51:08.0671 5240 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:51:08.0725 5240 AFD - ok
21:51:08.0761 5240 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:51:08.0780 5240 agp440 - ok
21:51:08.0809 5240 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:51:08.0851 5240 ALG - ok
21:51:08.0907 5240 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:51:08.0923 5240 aliide - ok
21:51:08.0939 5240 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:51:08.0954 5240 amdide - ok
21:51:09.0006 5240 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:51:09.0043 5240 AmdK8 - ok
21:51:09.0085 5240 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:51:09.0121 5240 AmdPPM - ok
21:51:09.0148 5240 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:51:09.0165 5240 amdsata - ok
21:51:09.0192 5240 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:51:09.0211 5240 amdsbs - ok
21:51:09.0232 5240 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:51:09.0247 5240 amdxata - ok
21:51:09.0330 5240 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:51:09.0350 5240 AntiVirSchedulerService - ok
21:51:09.0374 5240 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:51:09.0383 5240 AntiVirService - ok
21:51:09.0416 5240 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:51:09.0460 5240 AppID - ok
21:51:09.0502 5240 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:51:09.0590 5240 AppIDSvc - ok
21:51:09.0610 5240 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:51:09.0674 5240 Appinfo - ok
21:51:09.0784 5240 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:51:09.0805 5240 Apple Mobile Device - ok
21:51:09.0839 5240 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:51:09.0856 5240 arc - ok
21:51:09.0866 5240 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:51:09.0881 5240 arcsas - ok
21:51:09.0913 5240 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:51:09.0998 5240 AsyncMac - ok
21:51:10.0038 5240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:51:10.0053 5240 atapi - ok
21:51:10.0100 5240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:51:10.0155 5240 AudioEndpointBuilder - ok
21:51:10.0167 5240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:51:10.0213 5240 AudioSrv - ok
21:51:10.0263 5240 [ F0FC8614A0200F0DFEF70FEA581CB84E ] AVerAF35 C:\Windows\system32\Drivers\AVerAF35.sys
21:51:10.0341 5240 AVerAF35 - ok
21:51:10.0415 5240 [ A33C07F7527FC4CBC664C3137EB7D744 ] AVerRemote C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
21:51:10.0448 5240 AVerRemote ( UnsignedFile.Multi.Generic ) - warning
21:51:10.0449 5240 AVerRemote - detected UnsignedFile.Multi.Generic (1)
21:51:10.0499 5240 [ 9AEBB2D487D9BF4C0F354899D842EDD0 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
21:51:10.0537 5240 AVerScheduleService ( UnsignedFile.Multi.Generic ) - warning
21:51:10.0538 5240 AVerScheduleService - detected UnsignedFile.Multi.Generic (1)
21:51:10.0568 5240 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:51:10.0623 5240 avgntflt - ok
21:51:10.0675 5240 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:51:10.0696 5240 avipbb - ok
21:51:10.0710 5240 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:51:10.0728 5240 avkmgr - ok
21:51:10.0768 5240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:51:10.0869 5240 AxInstSV - ok
21:51:10.0908 5240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:51:10.0985 5240 b06bdrv - ok
21:51:11.0006 5240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:51:11.0048 5240 b57nd60a - ok
21:51:11.0110 5240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:51:11.0181 5240 BDESVC - ok
21:51:11.0212 5240 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:51:11.0284 5240 Beep - ok
21:51:11.0335 5240 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:51:11.0417 5240 BFE - ok
21:51:11.0459 5240 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:51:11.0550 5240 BITS - ok
21:51:11.0594 5240 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:51:11.0637 5240 blbdrive - ok
21:51:11.0700 5240 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:51:11.0743 5240 bowser - ok
21:51:11.0787 5240 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:51:11.0836 5240 BrFiltLo - ok
21:51:11.0865 5240 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:51:11.0920 5240 BrFiltUp - ok
21:51:11.0987 5240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:51:12.0024 5240 Browser - ok
21:51:12.0070 5240 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\system32\DRIVERS\BrSerId.sys
21:51:12.0155 5240 Brserid - ok
21:51:12.0175 5240 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:51:12.0215 5240 BrSerWdm - ok
21:51:12.0238 5240 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:51:12.0281 5240 BrUsbMdm - ok
21:51:12.0304 5240 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
21:51:12.0356 5240 BrUsbSer - ok
21:51:12.0434 5240 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
21:51:12.0448 5240 BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
21:51:12.0448 5240 BrYNSvc - detected UnsignedFile.Multi.Generic (1)
21:51:12.0507 5240 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:51:12.0551 5240 BthEnum - ok
21:51:12.0586 5240 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:51:12.0638 5240 BTHMODEM - ok
21:51:12.0676 5240 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:51:12.0729 5240 BthPan - ok
21:51:12.0815 5240 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:51:12.0878 5240 BTHPORT - ok
21:51:12.0930 5240 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:51:12.0986 5240 bthserv - ok
21:51:13.0031 5240 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:51:13.0073 5240 BTHUSB - ok
21:51:13.0118 5240 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
21:51:13.0136 5240 btusbflt - ok
21:51:13.0154 5240 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:51:13.0168 5240 btwaudio - ok
21:51:13.0200 5240 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:51:13.0215 5240 btwavdt - ok
21:51:13.0308 5240 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
21:51:13.0343 5240 btwdins - ok
21:51:13.0365 5240 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:51:13.0373 5240 btwl2cap - ok
21:51:13.0384 5240 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:51:13.0394 5240 btwrchid - ok
21:51:13.0422 5240 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:51:13.0488 5240 cdfs - ok
21:51:13.0540 5240 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:51:13.0569 5240 cdrom - ok
21:51:13.0602 5240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:51:13.0702 5240 CertPropSvc - ok
21:51:13.0754 5240 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:51:13.0809 5240 circlass - ok
21:51:13.0841 5240 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:51:13.0864 5240 CLFS - ok
21:51:13.0933 5240 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:51:13.0957 5240 clr_optimization_v2.0.50727_32 - ok
21:51:13.0996 5240 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:51:14.0013 5240 clr_optimization_v2.0.50727_64 - ok
21:51:14.0067 5240 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:51:14.0083 5240 clr_optimization_v4.0.30319_32 - ok
21:51:14.0152 5240 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:51:14.0173 5240 clr_optimization_v4.0.30319_64 - ok
21:51:14.0213 5240 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:51:14.0258 5240 CmBatt - ok
21:51:14.0289 5240 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:51:14.0308 5240 cmdide - ok
21:51:14.0355 5240 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:51:14.0412 5240 CNG - ok
21:51:14.0454 5240 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:51:14.0469 5240 Compbatt - ok
21:51:14.0505 5240 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:51:14.0549 5240 CompositeBus - ok
21:51:14.0577 5240 COMSysApp - ok
21:51:14.0601 5240 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:51:14.0616 5240 crcdisk - ok
21:51:14.0663 5240 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:51:14.0686 5240 CryptSvc - ok
21:51:14.0729 5240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:51:14.0830 5240 DcomLaunch - ok
21:51:14.0874 5240 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:51:14.0945 5240 defragsvc - ok
21:51:14.0976 5240 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:51:15.0044 5240 DfsC - ok
21:51:15.0086 5240 DgiVecp - ok
21:51:15.0119 5240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:51:15.0200 5240 Dhcp - ok
21:51:15.0225 5240 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:51:15.0295 5240 discache - ok
21:51:15.0336 5240 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:51:15.0364 5240 Disk - ok
21:51:15.0407 5240 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:51:15.0473 5240 Dnscache - ok
21:51:15.0509 5240 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:51:15.0591 5240 dot3svc - ok
21:51:15.0624 5240 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:51:15.0710 5240 DPS - ok
21:51:15.0753 5240 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:51:15.0807 5240 drmkaud - ok
21:51:15.0855 5240 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:51:15.0946 5240 DXGKrnl - ok
21:51:15.0981 5240 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:51:16.0071 5240 EapHost - ok
21:51:16.0180 5240 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:51:16.0328 5240 ebdrv - ok
21:51:16.0359 5240 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:51:16.0440 5240 EFS - ok
21:51:16.0508 5240 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:51:16.0600 5240 ehRecvr - ok
21:51:16.0627 5240 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:51:16.0651 5240 ehSched - ok
21:51:16.0697 5240 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:51:16.0722 5240 elxstor - ok
21:51:16.0742 5240 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:51:16.0790 5240 ErrDev - ok
21:51:16.0844 5240 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:51:16.0900 5240 EventSystem - ok
21:51:16.0952 5240 [ CA2E486FE6212FFD5FD171AC1A0B17BE ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
21:51:17.0007 5240 ewusbmbb - ok
21:51:17.0042 5240 ewusbnet - ok
21:51:17.0078 5240 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
21:51:17.0136 5240 ew_hwusbdev - ok
21:51:17.0164 5240 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:51:17.0215 5240 exfat - ok
21:51:17.0239 5240 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:51:17.0304 5240 fastfat - ok
21:51:17.0361 5240 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:51:17.0457 5240 Fax - ok
21:51:17.0484 5240 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:51:17.0522 5240 fdc - ok
21:51:17.0548 5240 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:51:17.0600 5240 fdPHost - ok
21:51:17.0611 5240 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:51:17.0683 5240 FDResPub - ok
21:51:17.0726 5240 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:51:17.0741 5240 FileInfo - ok
21:51:17.0752 5240 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:51:17.0820 5240 Filetrace - ok
21:51:17.0857 5240 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:51:17.0896 5240 flpydisk - ok
21:51:17.0931 5240 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:51:17.0956 5240 FltMgr - ok
21:51:18.0024 5240 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:51:18.0093 5240 FontCache - ok
21:51:18.0166 5240 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:51:18.0186 5240 FontCache3.0.0.0 - ok
21:51:18.0219 5240 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:51:18.0235 5240 FsDepends - ok
21:51:18.0269 5240 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:51:18.0286 5240 Fs_Rec - ok
21:51:18.0321 5240 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:51:18.0348 5240 fvevol - ok
21:51:18.0370 5240 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:51:18.0383 5240 gagp30kx - ok
21:51:18.0427 5240 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:51:18.0445 5240 GEARAspiWDM - ok
21:51:18.0497 5240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:51:18.0581 5240 gpsvc - ok
21:51:18.0655 5240 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:51:18.0678 5240 gupdate - ok
21:51:18.0697 5240 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:51:18.0709 5240 gupdatem - ok
21:51:18.0736 5240 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:51:18.0804 5240 hcw85cir - ok
21:51:18.0834 5240 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:51:18.0861 5240 HdAudAddService - ok
21:51:18.0882 5240 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:51:18.0930 5240 HDAudBus - ok
21:51:18.0967 5240 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:51:18.0990 5240 HECIx64 - ok
21:51:19.0011 5240 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:51:19.0048 5240 HidBatt - ok
21:51:19.0079 5240 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:51:19.0119 5240 HidBth - ok
21:51:19.0157 5240 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:51:19.0179 5240 HidIr - ok
21:51:19.0200 5240 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:51:19.0269 5240 hidserv - ok
21:51:19.0318 5240 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:51:19.0342 5240 HidUsb - ok
21:51:19.0362 5240 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:51:19.0449 5240 hkmsvc - ok
21:51:19.0484 5240 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:51:19.0551 5240 HomeGroupListener - ok
21:51:19.0585 5240 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:51:19.0625 5240 HomeGroupProvider - ok
21:51:19.0659 5240 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:51:19.0676 5240 HpSAMD - ok
21:51:19.0724 5240 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:51:19.0817 5240 HTTP - ok
21:51:19.0862 5240 [ 1642C62F1FD5E1FF44608283994A7BB8 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
21:51:19.0914 5240 huawei_enumerator - ok
21:51:19.0956 5240 [ 4B80AF36EE9F31361C1DCB2EE563719A ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:51:20.0031 5240 hwdatacard - ok
21:51:20.0051 5240 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:51:20.0074 5240 hwpolicy - ok
21:51:20.0114 5240 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:51:20.0138 5240 i8042prt - ok
21:51:20.0174 5240 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:51:20.0203 5240 iaStor - ok
21:51:20.0241 5240 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:51:20.0263 5240 iaStorV - ok
21:51:20.0287 5240 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:51:20.0300 5240 IBMPMDRV - ok
21:51:20.0311 5240 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
21:51:20.0321 5240 IBMPMSVC - ok
21:51:20.0359 5240 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:51:20.0414 5240 idsvc - ok
21:51:20.0662 5240 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:51:21.0026 5240 igfx - ok
21:51:21.0065 5240 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:51:21.0091 5240 iirsp - ok
21:51:21.0132 5240 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:51:21.0237 5240 IKEEXT - ok
21:51:21.0283 5240 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
21:51:21.0325 5240 Impcd - ok
21:51:21.0450 5240 [ 1C11E5D258BC374E7FBD598D75E49B75 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:51:21.0570 5240 IntcAzAudAddService - ok
21:51:21.0618 5240 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:51:21.0676 5240 IntcDAud - ok
21:51:21.0717 5240 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:51:21.0739 5240 intelide - ok
21:51:21.0778 5240 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:51:21.0827 5240 intelppm - ok
21:51:21.0872 5240 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:51:21.0955 5240 IPBusEnum - ok
21:51:21.0985 5240 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:51:22.0054 5240 IpFilterDriver - ok
21:51:22.0103 5240 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:51:22.0151 5240 iphlpsvc - ok
21:51:22.0158 5240 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:51:22.0198 5240 IPMIDRV - ok
21:51:22.0237 5240 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:51:22.0316 5240 IPNAT - ok
21:51:22.0394 5240 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:51:22.0461 5240 iPod Service - ok
21:51:22.0488 5240 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:51:22.0543 5240 IRENUM - ok
21:51:22.0584 5240 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:51:22.0601 5240 isapnp - ok
21:51:22.0622 5240 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:51:22.0646 5240 iScsiPrt - ok
21:51:22.0683 5240 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
21:51:22.0695 5240 IviRegMgr - ok
21:51:22.0713 5240 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:51:22.0727 5240 kbdclass - ok
21:51:22.0748 5240 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:51:22.0787 5240 kbdhid - ok
21:51:22.0808 5240 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:51:22.0823 5240 KeyIso - ok
21:51:22.0869 5240 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:51:22.0898 5240 KSecDD - ok
21:51:22.0917 5240 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:51:22.0933 5240 KSecPkg - ok
21:51:22.0954 5240 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:51:23.0047 5240 ksthunk - ok
21:51:23.0088 5240 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:51:23.0162 5240 KtmRm - ok
21:51:23.0205 5240 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:51:23.0298 5240 LanmanServer - ok
21:51:23.0340 5240 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:51:23.0448 5240 LanmanWorkstation - ok
21:51:23.0521 5240 [ 8B5EB24FCE3926128138B769D50CEE1B ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:51:23.0534 5240 LENOVO.CAMMUTE - ok
21:51:23.0569 5240 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:51:23.0581 5240 LENOVO.MICMUTE - ok
21:51:23.0593 5240 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
21:51:23.0609 5240 lenovo.smi - ok
21:51:23.0623 5240 [ F1A055E1381528E947CDB959117B67D0 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:51:23.0636 5240 LENOVO.TPKNRSVC - ok
21:51:23.0650 5240 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:51:23.0660 5240 Lenovo.VIRTSCRLSVC - ok
21:51:23.0684 5240 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:51:23.0758 5240 lltdio - ok
21:51:23.0804 5240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:51:23.0879 5240 lltdsvc - ok
21:51:23.0892 5240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:51:23.0970 5240 lmhosts - ok
21:51:24.0036 5240 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:51:24.0068 5240 LMS - ok
21:51:24.0099 5240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:51:24.0116 5240 LSI_FC - ok
21:51:24.0146 5240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:51:24.0164 5240 LSI_SAS - ok
21:51:24.0182 5240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:51:24.0198 5240 LSI_SAS2 - ok
21:51:24.0205 5240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:51:24.0221 5240 LSI_SCSI - ok
21:51:24.0248 5240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:51:24.0313 5240 luafv - ok
21:51:24.0377 5240 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:51:24.0391 5240 MBAMProtector - ok
21:51:24.0472 5240 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:51:24.0505 5240 MBAMScheduler - ok
21:51:24.0539 5240 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:51:24.0565 5240 MBAMService - ok
21:51:24.0622 5240 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:51:24.0674 5240 Mcx2Svc - ok
21:51:24.0715 5240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:51:24.0733 5240 megasas - ok
21:51:24.0757 5240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:51:24.0784 5240 MegaSR - ok
21:51:24.0802 5240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:51:24.0860 5240 MMCSS - ok
21:51:24.0879 5240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:51:24.0938 5240 Modem - ok
21:51:24.0973 5240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:51:25.0010 5240 monitor - ok
21:51:25.0062 5240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:51:25.0088 5240 mouclass - ok
21:51:25.0116 5240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:51:25.0157 5240 mouhid - ok
21:51:25.0184 5240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:51:25.0201 5240 mountmgr - ok
21:51:25.0228 5240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:51:25.0243 5240 mpio - ok
21:51:25.0267 5240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:51:25.0311 5240 mpsdrv - ok
21:51:25.0349 5240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:51:25.0433 5240 MpsSvc - ok
21:51:25.0456 5240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:51:25.0496 5240 MRxDAV - ok
21:51:25.0531 5240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:51:25.0567 5240 mrxsmb - ok
21:51:25.0601 5240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:51:25.0622 5240 mrxsmb10 - ok
21:51:25.0641 5240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:51:25.0659 5240 mrxsmb20 - ok
21:51:25.0681 5240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:51:25.0696 5240 msahci - ok
21:51:25.0712 5240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:51:25.0727 5240 msdsm - ok
21:51:25.0751 5240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:51:25.0793 5240 MSDTC - ok
21:51:25.0828 5240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:51:25.0916 5240 Msfs - ok
21:51:25.0941 5240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:51:26.0021 5240 mshidkmdf - ok
21:51:26.0044 5240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:51:26.0057 5240 msisadrv - ok
21:51:26.0095 5240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:51:26.0142 5240 MSiSCSI - ok
21:51:26.0146 5240 msiserver - ok
21:51:26.0179 5240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:51:26.0241 5240 MSKSSRV - ok
21:51:26.0268 5240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:51:26.0359 5240 MSPCLOCK - ok
21:51:26.0380 5240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:51:26.0469 5240 MSPQM - ok
21:51:26.0504 5240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:51:26.0530 5240 MsRPC - ok
21:51:26.0551 5240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:51:26.0564 5240 mssmbios - ok
21:51:26.0583 5240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:51:26.0670 5240 MSTEE - ok
21:51:26.0688 5240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:51:26.0703 5240 MTConfig - ok
21:51:26.0726 5240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:51:26.0740 5240 Mup - ok
21:51:26.0772 5240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:51:26.0852 5240 napagent - ok
21:51:26.0900 5240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:51:26.0966 5240 NativeWifiP - ok
21:51:27.0051 5240 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:51:27.0109 5240 NDIS - ok
21:51:27.0151 5240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:51:27.0208 5240 NdisCap - ok
21:51:27.0231 5240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:51:27.0270 5240 NdisTapi - ok
21:51:27.0293 5240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:51:27.0380 5240 Ndisuio - ok
21:51:27.0409 5240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:51:27.0468 5240 NdisWan - ok
21:51:27.0497 5240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:51:27.0562 5240 NDProxy - ok
21:51:27.0588 5240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:51:27.0647 5240 NetBIOS - ok
21:51:27.0677 5240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:51:27.0719 5240 NetBT - ok
21:51:27.0727 5240 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:51:27.0739 5240 Netlogon - ok
21:51:27.0780 5240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:51:27.0828 5240 Netman - ok
21:51:27.0842 5240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:51:27.0909 5240 netprofm - ok
21:51:27.0947 5240 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:51:27.0958 5240 NetTcpPortSharing - ok
21:51:27.0993 5240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:51:28.0008 5240 nfrd960 - ok
21:51:28.0031 5240 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:51:28.0071 5240 NlaSvc - ok
21:51:28.0120 5240 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
21:51:28.0198 5240 nmwcd - ok
21:51:28.0223 5240 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
21:51:28.0248 5240 nmwcdc - ok
21:51:28.0270 5240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:51:28.0311 5240 Npfs - ok
21:51:28.0335 5240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:51:28.0414 5240 nsi - ok
21:51:28.0450 5240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:51:28.0544 5240 nsiproxy - ok
21:51:28.0617 5240 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:51:28.0695 5240 Ntfs - ok
21:51:28.0707 5240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:51:28.0777 5240 Null - ok
21:51:28.0821 5240 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:51:28.0838 5240 nvraid - ok
21:51:28.0844 5240 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:51:28.0861 5240 nvstor - ok
21:51:28.0922 5240 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:51:28.0945 5240 nv_agp - ok
21:51:28.0952 5240 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:51:28.0986 5240 ohci1394 - ok
21:51:29.0032 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:51:29.0107 5240 p2pimsvc - ok
21:51:29.0126 5240 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:51:29.0151 5240 p2psvc - ok
21:51:29.0260 5240 [ F9AAE0A3C086DB9E83F38BDA4C7C61E2 ] PACSPTISVR-Sound_Organizer C:\Program Files (x86)\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe
21:51:29.0284 5240 PACSPTISVR-Sound_Organizer - ok
21:51:29.0314 5240 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:51:29.0330 5240 Parport - ok
21:51:29.0361 5240 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:51:29.0375 5240 partmgr - ok
21:51:29.0400 5240 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:51:29.0447 5240 PcaSvc - ok
21:51:29.0491 5240 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:51:29.0549 5240 pccsmcfd - ok
21:51:29.0571 5240 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:51:29.0592 5240 pci - ok
21:51:29.0613 5240 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:51:29.0629 5240 pciide - ok
21:51:29.0652 5240 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:51:29.0670 5240 pcmcia - ok
21:51:29.0682 5240 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:51:29.0695 5240 pcw - ok
21:51:29.0719 5240 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:51:29.0771 5240 PEAUTH - ok
21:51:29.0864 5240 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:51:29.0917 5240 PerfHost - ok
21:51:30.0006 5240 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:51:30.0141 5240 pla - ok
21:51:30.0210 5240 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:51:30.0297 5240 PlugPlay - ok
21:51:30.0312 5240 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:51:30.0349 5240 PNRPAutoReg - ok
21:51:30.0376 5240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:51:30.0399 5240 PNRPsvc - ok
21:51:30.0448 5240 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
21:51:30.0459 5240 Point64 - ok
21:51:30.0505 5240 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:51:30.0599 5240 PolicyAgent - ok
21:51:30.0632 5240 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
21:51:30.0704 5240 Power - ok
21:51:30.0751 5240 [ BAC02775CF629E5FE80BEA952F4448EF ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:51:30.0764 5240 Power Manager DBC Service - ok
21:51:30.0802 5240 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:51:30.0879 5240 PptpMiniport - ok
21:51:30.0905 5240 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:51:30.0954 5240 Processor - ok
21:51:31.0001 5240 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:51:31.0084 5240 ProfSvc - ok
21:51:31.0094 5240 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:51:31.0110 5240 ProtectedStorage - ok
21:51:31.0146 5240 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
21:51:31.0169 5240 psadd - ok
21:51:31.0193 5240 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:51:31.0242 5240 Psched - ok
21:51:31.0283 5240 [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
21:51:31.0297 5240 PxHlpa64 - ok
21:51:31.0365 5240 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:51:31.0456 5240 ql2300 - ok
21:51:31.0498 5240 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:51:31.0513 5240 ql40xx - ok
21:51:31.0545 5240 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:51:31.0570 5240 QWAVE - ok
21:51:31.0583 5240 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:51:31.0632 5240 QWAVEdrv - ok
21:51:31.0660 5240 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:51:31.0725 5240 RasAcd - ok
21:51:31.0759 5240 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:51:31.0822 5240 RasAgileVpn - ok
21:51:31.0854 5240 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:51:31.0924 5240 RasAuto - ok
21:51:31.0959 5240 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:51:32.0035 5240 Rasl2tp - ok
21:51:32.0078 5240 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:51:32.0132 5240 RasMan - ok
21:51:32.0151 5240 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:51:32.0231 5240 RasPppoe - ok
21:51:32.0265 5240 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:51:32.0335 5240 RasSstp - ok
21:51:32.0367 5240 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:51:32.0455 5240 rdbss - ok
21:51:32.0496 5240 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:51:32.0557 5240 rdpbus - ok
21:51:32.0577 5240 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:51:32.0645 5240 RDPCDD - ok
21:51:32.0688 5240 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:51:32.0759 5240 RDPENCDD - ok
21:51:32.0781 5240 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:51:32.0819 5240 RDPREFMP - ok
21:51:32.0857 5240 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:51:32.0925 5240 RDPWD - ok
21:51:32.0949 5240 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:51:32.0977 5240 rdyboost - ok
21:51:33.0010 5240 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:51:33.0081 5240 RemoteAccess - ok
21:51:33.0121 5240 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:51:33.0201 5240 RemoteRegistry - ok
21:51:33.0253 5240 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:51:33.0311 5240 RFCOMM - ok
21:51:33.0338 5240 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:51:33.0431 5240 RpcEptMapper - ok
21:51:33.0457 5240 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:51:33.0496 5240 RpcLocator - ok
21:51:33.0536 5240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:51:33.0588 5240 RpcSs - ok
21:51:33.0615 5240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:51:33.0656 5240 rspndr - ok
21:51:33.0687 5240 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
21:51:33.0703 5240 RSUSBSTOR - ok
21:51:33.0750 5240 [ 24452CCCC3808B5AB0341A384BB72200 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
21:51:33.0768 5240 RtkAudioService - ok
21:51:33.0795 5240 [ 5B04929EF24F87E239B880FAAE410E3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:51:33.0820 5240 RTL8167 - ok
21:51:33.0863 5240 [ 7C44C9A974DE5508910BFDE4ABC2E16C ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
21:51:33.0944 5240 RTL8192Ce - ok
21:51:33.0955 5240 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:51:33.0969 5240 SamSs - ok
21:51:33.0989 5240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:51:34.0004 5240 sbp2port - ok
21:51:34.0035 5240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:51:34.0108 5240 SCardSvr - ok
21:51:34.0133 5240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:51:34.0226 5240 scfilter - ok
21:51:34.0281 5240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:51:34.0360 5240 Schedule - ok
21:51:34.0379 5240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:51:34.0417 5240 SCPolicySvc - ok
21:51:34.0433 5240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:51:34.0501 5240 SDRSVC - ok
21:51:34.0543 5240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:51:34.0614 5240 secdrv - ok
21:51:34.0650 5240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:51:34.0718 5240 seclogon - ok
21:51:34.0741 5240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:51:34.0811 5240 SENS - ok
21:51:34.0856 5240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:51:34.0925 5240 SensrSvc - ok
21:51:34.0948 5240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:51:34.0987 5240 Serenum - ok
21:51:35.0031 5240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:51:35.0075 5240 Serial - ok
21:51:35.0124 5240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:51:35.0163 5240 sermouse - ok
21:51:35.0257 5240 [ E90CE237E99C5D26CB3872318A7799D0 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
21:51:35.0304 5240 ServiceLayer - ok
21:51:35.0340 5240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:51:35.0407 5240 SessionEnv - ok
21:51:35.0442 5240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:51:35.0460 5240 sffdisk - ok
21:51:35.0464 5240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:51:35.0520 5240 sffp_mmc - ok
21:51:35.0550 5240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:51:35.0594 5240 sffp_sd - ok
21:51:35.0639 5240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:51:35.0677 5240 sfloppy - ok
21:51:35.0736 5240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:51:35.0816 5240 SharedAccess - ok
21:51:35.0862 5240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:51:35.0929 5240 ShellHWDetection - ok
21:51:35.0955 5240 [ 380B52126E62C6C2D3C8BA805AADFDC7 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
21:51:35.0967 5240 Shockprf - ok
21:51:36.0008 5240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:51:36.0022 5240 SiSRaid2 - ok
21:51:36.0041 5240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:51:36.0055 5240 SiSRaid4 - ok
21:51:36.0078 5240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:51:36.0147 5240 Smb - ok
21:51:36.0197 5240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:51:36.0226 5240 SNMPTRAP - ok
21:51:36.0238 5240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:51:36.0256 5240 spldr - ok
21:51:36.0304 5240 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:51:36.0398 5240 Spooler - ok
21:51:36.0498 5240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:51:36.0650 5240 sppsvc - ok
21:51:36.0699 5240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:51:36.0761 5240 sppuinotify - ok
21:51:36.0797 5240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:51:36.0842 5240 srv - ok
21:51:36.0872 5240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:51:36.0928 5240 srv2 - ok
21:51:36.0957 5240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:51:36.0974 5240 srvnet - ok
21:51:37.0011 5240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:51:37.0062 5240 SSDPSRV - ok
21:51:37.0087 5240 SSPORT - ok
21:51:37.0105 5240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:51:37.0149 5240 SstpSvc - ok
21:51:37.0190 5240 [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys
21:51:37.0204 5240 ss_bus - ok
21:51:37.0228 5240 [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys
21:51:37.0239 5240 ss_mdfl - ok
21:51:37.0258 5240 [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys
21:51:37.0273 5240 ss_mdm - ok
21:51:37.0311 5240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:51:37.0324 5240 stexstor - ok
21:51:37.0358 5240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:51:37.0405 5240 stisvc - ok
21:51:37.0475 5240 [ 7F7958C5B40F9441D1E8D704310D46FF ] SUService c:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:51:37.0506 5240 SUService ( UnsignedFile.Multi.Generic ) - warning
21:51:37.0506 5240 SUService - detected UnsignedFile.Multi.Generic (1)
21:51:37.0544 5240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:51:37.0565 5240 swenum - ok
21:51:37.0597 5240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:51:37.0670 5240 swprv - ok
21:51:37.0744 5240 [ 06D602A637E171E151853F1D8ECD34F1 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:51:37.0810 5240 SynTP - ok
21:51:37.0862 5240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:51:37.0974 5240 SysMain - ok
21:51:38.0004 5240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:51:38.0027 5240 TabletInputService - ok
21:51:38.0046 5240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:51:38.0094 5240 TapiSrv - ok
21:51:38.0103 5240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:51:38.0144 5240 TBS - ok
21:51:38.0219 5240 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:51:38.0311 5240 Tcpip - ok
21:51:38.0360 5240 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:51:38.0426 5240 TCPIP6 - ok
21:51:38.0466 5240 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:51:38.0492 5240 tcpipreg - ok
21:51:38.0531 5240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:51:38.0590 5240 TDPIPE - ok
21:51:38.0651 5240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:51:38.0678 5240 TDTCP - ok
21:51:38.0694 5240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:51:38.0743 5240 tdx - ok
21:51:38.0836 5240 [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
21:51:38.0934 5240 TeamViewer6 - ok
21:51:38.0943 5240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:51:38.0956 5240 TermDD - ok
21:51:38.0988 5240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:51:39.0079 5240 TermService - ok
21:51:39.0146 5240 [ 42A267904416DBEB1DA0295D9042BF0D ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
21:51:39.0172 5240 TGCM_ImportWiFiSvc - ok
21:51:39.0197 5240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:51:39.0255 5240 Themes - ok
21:51:39.0295 5240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:51:39.0350 5240 THREADORDER - ok
21:51:39.0363 5240 [ 5523C729F1ED31B63C88490AF3D220FA ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
21:51:39.0375 5240 TPDIGIMN - ok
21:51:39.0402 5240 [ ECB098A3404ACB8A05F0673DC086BB43 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
21:51:39.0415 5240 TPHDEXLGSVC - ok
21:51:39.0461 5240 [ 2CF225E19490F499528B926263FE4554 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
21:51:39.0479 5240 TPHKSVC - ok
21:51:39.0505 5240 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
21:51:39.0545 5240 TPM - ok
21:51:39.0593 5240 [ 2C067E01D6BBCCC88B233B868E210907 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
21:51:39.0614 5240 TPPWRIF - ok
21:51:39.0638 5240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:51:39.0714 5240 TrkWks - ok
21:51:39.0758 5240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:51:39.0826 5240 TrustedInstaller - ok
21:51:39.0846 5240 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:51:39.0931 5240 tssecsrv - ok
21:51:39.0967 5240 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:51:40.0007 5240 TsUsbFlt - ok
21:51:40.0023 5240 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:51:40.0043 5240 TsUsbGD - ok
21:51:40.0086 5240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:51:40.0171 5240 tunnel - ok
21:51:40.0199 5240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:51:40.0212 5240 uagp35 - ok
21:51:40.0239 5240 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:51:40.0304 5240 udfs - ok
21:51:40.0340 5240 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:51:40.0376 5240 UI0Detect - ok
21:51:40.0448 5240 [ 4AD47E4A6AEBB8D2D54414BCDAC0AA38 ] ui11drdr C:\Windows\system32\DRIVERS\ui11drdr.sys
21:51:40.0481 5240 ui11drdr - ok
21:51:40.0539 5240 [ FDB805B2749DACE784BD05125979B478 ] uigxrdr C:\Windows\system32\DRIVERS\uigxrdr.sys
21:51:40.0559 5240 uigxrdr - ok
21:51:40.0642 5240 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
21:51:40.0669 5240 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
21:51:40.0669 5240 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
21:51:40.0715 5240 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:51:40.0736 5240 uliagpkx - ok
21:51:40.0752 5240 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:51:40.0792 5240 umbus - ok
21:51:40.0817 5240 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:51:40.0862 5240 UmPass - ok
21:51:40.0998 5240 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:51:41.0096 5240 UNS - ok
21:51:41.0135 5240 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:51:41.0212 5240 upnphost - ok
21:51:41.0257 5240 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
21:51:41.0326 5240 upperdev - ok
21:51:41.0366 5240 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:51:41.0440 5240 usbccgp - ok
21:51:41.0456 5240 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:51:41.0481 5240 usbcir - ok
21:51:41.0501 5240 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:51:41.0552 5240 usbehci - ok
21:51:41.0595 5240 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:51:41.0637 5240 usbhub - ok
21:51:41.0680 5240 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:51:41.0718 5240 usbohci - ok
21:51:41.0762 5240 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:51:41.0823 5240 usbprint - ok
21:51:41.0862 5240 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:51:41.0895 5240 usbscan - ok
21:51:41.0913 5240 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
21:51:41.0927 5240 usbser - ok
21:51:41.0946 5240 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:51:42.0011 5240 USBSTOR - ok
21:51:42.0033 5240 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:51:42.0072 5240 usbuhci - ok
21:51:42.0127 5240 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:51:42.0156 5240 usbvideo - ok
21:51:42.0179 5240 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:51:42.0243 5240 UxSms - ok
21:51:42.0265 5240 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:51:42.0277 5240 VaultSvc - ok
21:51:42.0305 5240 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:51:42.0318 5240 vdrvroot - ok
21:51:42.0337 5240 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:51:42.0430 5240 vds - ok
21:51:42.0457 5240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:51:42.0475 5240 vga - ok
21:51:42.0490 5240 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:51:42.0577 5240 VgaSave - ok
21:51:42.0606 5240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:51:42.0637 5240 vhdmp - ok
21:51:42.0654 5240 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:51:42.0669 5240 viaide - ok
21:51:42.0686 5240 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:51:42.0699 5240 volmgr - ok
21:51:42.0713 5240 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:51:42.0732 5240 volmgrx - ok
21:51:42.0754 5240 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:51:42.0773 5240 volsnap - ok
21:51:42.0784 5240 vpnva - ok
21:51:42.0807 5240 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:51:42.0823 5240 vsmraid - ok
21:51:42.0878 5240 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:51:42.0985 5240 VSS - ok
21:51:43.0026 5240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:51:43.0075 5240 vwifibus - ok
21:51:43.0106 5240 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:51:43.0166 5240 vwififlt - ok
21:51:43.0195 5240 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:51:43.0245 5240 vwifimp - ok
21:51:43.0289 5240 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:51:43.0350 5240 W32Time - ok
21:51:43.0379 5240 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:51:43.0413 5240 WacomPen - ok
21:51:43.0450 5240 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:51:43.0511 5240 WANARP - ok
21:51:43.0515 5240 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:51:43.0553 5240 Wanarpv6 - ok
21:51:43.0588 5240 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:51:43.0656 5240 wbengine - ok
21:51:43.0677 5240 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:51:43.0703 5240 WbioSrvc - ok
21:51:43.0712 5240 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:51:43.0757 5240 wcncsvc - ok
21:51:43.0784 5240 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:51:43.0837 5240 WcsPlugInService - ok
21:51:43.0863 5240 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
21:51:43.0877 5240 Wd - ok
21:51:43.0936 5240 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:51:43.0994 5240 Wdf01000 - ok
21:51:44.0013 5240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:51:44.0135 5240 WdiServiceHost - ok
21:51:44.0140 5240 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:51:44.0162 5240 WdiSystemHost - ok
21:51:44.0186 5240 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:51:44.0226 5240 WebClient - ok
21:51:44.0233 5240 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:51:44.0291 5240 Wecsvc - ok
21:51:44.0316 5240 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:51:44.0384 5240 wercplsupport - ok
21:51:44.0417 5240 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:51:44.0460 5240 WerSvc - ok
21:51:44.0481 5240 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:51:44.0521 5240 WfpLwf - ok
21:51:44.0534 5240 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:51:44.0545 5240 WIMMount - ok
21:51:44.0572 5240 WinDefend - ok
21:51:44.0577 5240 WinHttpAutoProxySvc - ok
21:51:44.0632 5240 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:51:44.0690 5240 Winmgmt - ok
21:51:44.0776 5240 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:51:44.0890 5240 WinRM - ok
21:51:44.0935 5240 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:51:44.0991 5240 WinUsb - ok
21:51:45.0035 5240 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:51:45.0112 5240 Wlansvc - ok
21:51:45.0160 5240 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:51:45.0180 5240 wlcrasvc - ok
21:51:45.0298 5240 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:51:45.0404 5240 wlidsvc - ok
21:51:45.0426 5240 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:51:45.0466 5240 WmiAcpi - ok
21:51:45.0517 5240 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:51:45.0572 5240 wmiApSrv - ok
21:51:45.0621 5240 WMPNetworkSvc - ok
21:51:45.0650 5240 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:51:45.0688 5240 WPCSvc - ok
21:51:45.0700 5240 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:51:45.0720 5240 WPDBusEnum - ok
21:51:45.0750 5240 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:51:45.0797 5240 ws2ifsl - ok
21:51:45.0814 5240 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:51:45.0861 5240 wscsvc - ok
21:51:45.0865 5240 WSearch - ok
21:51:45.0963 5240 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:51:46.0089 5240 wuauserv - ok
21:51:46.0131 5240 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:51:46.0173 5240 WudfPf - ok
21:51:46.0211 5240 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:51:46.0248 5240 WUDFRd - ok
21:51:46.0277 5240 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:51:46.0293 5240 wudfsvc - ok
21:51:46.0312 5240 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:51:46.0366 5240 WwanSvc - ok
21:51:46.0437 5240 ================ Scan global ===============================
21:51:46.0461 5240 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:51:46.0511 5240 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:51:46.0525 5240 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:51:46.0549 5240 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:51:46.0576 5240 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:51:46.0582 5240 [Global] - ok
21:51:46.0583 5240 ================ Scan MBR ==================================
21:51:46.0592 5240 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:51:47.0048 5240 \Device\Harddisk0\DR0 - ok
21:51:47.0057 5240 [ 4A1D07BE4D842114083B748678A24ECB ] \Device\Harddisk1\DR1
21:51:47.0413 5240 \Device\Harddisk1\DR1 - ok
21:51:47.0414 5240 ================ Scan VBR ==================================
21:51:47.0419 5240 [ CE7FD86531D8EF0FA8B5D389AC85D060 ] \Device\Harddisk0\DR0\Partition1
21:51:47.0423 5240 \Device\Harddisk0\DR0\Partition1 - ok
21:51:47.0464 5240 [ A23683951A6CD649EA8F3D2766253889 ] \Device\Harddisk0\DR0\Partition2
21:51:47.0467 5240 \Device\Harddisk0\DR0\Partition2 - ok
21:51:47.0501 5240 [ 84312315140665B42B0AA8E3B264B3F1 ] \Device\Harddisk0\DR0\Partition3
21:51:47.0505 5240 \Device\Harddisk0\DR0\Partition3 - ok
21:51:47.0512 5240 [ 3448AACC324CAF8B179522411149A8C7 ] \Device\Harddisk1\DR1\Partition1
21:51:47.0515 5240 \Device\Harddisk1\DR1\Partition1 - ok
21:51:47.0516 5240 ============================================================
21:51:47.0516 5240 Scan finished
21:51:47.0516 5240 ============================================================
21:51:47.0535 4256 Detected object count: 5
21:51:47.0536 4256 Actual detected object count: 5
21:52:45.0936 4256 AVerRemote ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:45.0936 4256 AVerRemote ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:45.0938 4256 AVerScheduleService ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:45.0938 4256 AVerScheduleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:45.0941 4256 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:45.0941 4256 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:45.0944 4256 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:45.0944 4256 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:52:45.0946 4256 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
21:52:45.0946 4256 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
