| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7 Taskleiste friert ein nach StartWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
08.03.2013, 14:12
| #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Windows 7 Taskleiste friert ein nach Start Die Logs bitte in CODE-Tags - und ja, alle Tools sollst du ausführen  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.03.2013, 16:30
| #2 |
 | Windows 7 Taskleiste friert ein nach Start Alright. Hier der Log von TDSS. Laut Programm wurde auch nichts gefunden.
__________________Code:
ATTFilter 16:11:50.0213 3984 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:11:50.0977 3984 ============================================================
16:11:50.0977 3984 Current date / time: 2013/03/08 16:11:50.0977
16:11:50.0977 3984 SystemInfo:
16:11:50.0977 3984
16:11:50.0977 3984 OS Version: 6.1.7601 ServicePack: 1.0
16:11:50.0977 3984 Product type: Workstation
16:11:50.0977 3984 ComputerName: KARL-PC
16:11:50.0977 3984 UserName: Karl
16:11:50.0977 3984 Windows directory: C:\Windows
16:11:50.0977 3984 System windows directory: C:\Windows
16:11:50.0977 3984 Running under WOW64
16:11:50.0977 3984 Processor architecture: Intel x64
16:11:50.0977 3984 Number of processors: 4
16:11:50.0977 3984 Page size: 0x1000
16:11:50.0977 3984 Boot type: Normal boot
16:11:50.0977 3984 ============================================================
16:11:51.0164 3984 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 \Device\Harddisk0\DR0:
16:11:51.0180 3984 MBR partitions:
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x224800
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x225000, BlocksNum 0x1C2DB000
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C500000, BlocksNum 0x17F3000
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 C: <-> \Device\Harddisk0\DR0\Partition2
16:11:51.0180 3984 Q: <-> \Device\Harddisk0\DR0\Partition3
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 Initialize success
16:11:51.0180 3984 ============================================================
16:11:53.0426 4352 ============================================================
16:11:53.0426 4352 Scan started
16:11:53.0426 4352 Mode: Manual;
16:11:53.0426 4352 ============================================================
16:11:53.0551 4352 ================ Scan system memory ========================
16:11:53.0551 4352 System memory - ok
16:11:53.0551 4352 ================ Scan services =============================
16:11:53.0582 4352 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:11:53.0582 4352 1394ohci - ok
16:11:53.0582 4352 [ 1F305C858E7B5E537C9B783D46243A7A ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
16:11:53.0582 4352 5U877 - ok
16:11:53.0582 4352 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:11:53.0598 4352 ACPI - ok
16:11:53.0598 4352 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:11:53.0598 4352 AcpiPmi - ok
16:11:53.0598 4352 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:11:53.0598 4352 AdobeARMservice - ok
16:11:53.0614 4352 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:11:53.0614 4352 AdobeFlashPlayerUpdateSvc - ok
16:11:53.0614 4352 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:11:53.0629 4352 adp94xx - ok
16:11:53.0629 4352 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:11:53.0629 4352 adpahci - ok
16:11:53.0629 4352 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:11:53.0629 4352 adpu320 - ok
16:11:53.0645 4352 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:11:53.0645 4352 AeLookupSvc - ok
16:11:53.0645 4352 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:11:53.0645 4352 AFD - ok
16:11:53.0660 4352 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:11:53.0660 4352 agp440 - ok
16:11:53.0660 4352 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:11:53.0660 4352 ALG - ok
16:11:53.0660 4352 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:11:53.0660 4352 aliide - ok
16:11:53.0676 4352 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:11:53.0676 4352 amdide - ok
16:11:53.0676 4352 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:11:53.0676 4352 AmdK8 - ok
16:11:53.0676 4352 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:11:53.0676 4352 AmdPPM - ok
16:11:53.0692 4352 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:11:53.0692 4352 amdsata - ok
16:11:53.0692 4352 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:11:53.0692 4352 amdsbs - ok
16:11:53.0692 4352 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:11:53.0692 4352 amdxata - ok
16:11:53.0707 4352 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:11:53.0707 4352 AntiVirSchedulerService - ok
16:11:53.0707 4352 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:11:53.0707 4352 AntiVirService - ok
16:11:53.0707 4352 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:11:53.0707 4352 AppID - ok
16:11:53.0723 4352 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:11:53.0723 4352 AppIDSvc - ok
16:11:53.0723 4352 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:11:53.0723 4352 Appinfo - ok
16:11:53.0723 4352 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:11:53.0723 4352 AppMgmt - ok
16:11:53.0723 4352 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:11:53.0723 4352 arc - ok
16:11:53.0738 4352 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:11:53.0738 4352 arcsas - ok
16:11:53.0738 4352 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:11:53.0738 4352 AsyncMac - ok
16:11:53.0738 4352 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:11:53.0738 4352 atapi - ok
16:11:53.0754 4352 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:11:53.0754 4352 AudioEndpointBuilder - ok
16:11:53.0770 4352 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:11:53.0770 4352 AudioSrv - ok
16:11:53.0770 4352 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:11:53.0770 4352 avgntflt - ok
16:11:53.0770 4352 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:11:53.0785 4352 avipbb - ok
16:11:53.0785 4352 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:11:53.0785 4352 avkmgr - ok
16:11:53.0785 4352 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:11:53.0785 4352 AxInstSV - ok
16:11:53.0801 4352 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:11:53.0801 4352 b06bdrv - ok
16:11:53.0801 4352 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:11:53.0801 4352 b57nd60a - ok
16:11:53.0816 4352 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
16:11:53.0816 4352 bcbtums - ok
16:11:53.0816 4352 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:11:53.0816 4352 BDESVC - ok
16:11:53.0816 4352 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:11:53.0816 4352 Beep - ok
16:11:53.0832 4352 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:11:53.0832 4352 BFE - ok
16:11:53.0848 4352 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:11:53.0848 4352 BITS - ok
16:11:53.0848 4352 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:11:53.0848 4352 blbdrive - ok
16:11:53.0848 4352 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:11:53.0863 4352 bowser - ok
16:11:53.0863 4352 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:11:53.0863 4352 BrFiltLo - ok
16:11:53.0863 4352 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:11:53.0863 4352 BrFiltUp - ok
16:11:53.0863 4352 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:11:53.0863 4352 Browser - ok
16:11:53.0879 4352 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:11:53.0879 4352 Brserid - ok
16:11:53.0879 4352 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:11:53.0879 4352 BrSerWdm - ok
16:11:53.0879 4352 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:11:53.0879 4352 BrUsbMdm - ok
16:11:53.0894 4352 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:11:53.0894 4352 BrUsbSer - ok
16:11:53.0894 4352 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:11:53.0894 4352 BthEnum - ok
16:11:53.0894 4352 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:11:53.0894 4352 BTHMODEM - ok
16:11:53.0910 4352 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:11:53.0910 4352 BthPan - ok
16:11:53.0910 4352 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:11:53.0910 4352 BTHPORT - ok
16:11:53.0926 4352 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:11:53.0926 4352 bthserv - ok
16:11:53.0926 4352 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:11:53.0926 4352 BTHUSB - ok
16:11:53.0926 4352 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
16:11:53.0941 4352 btwampfl - ok
16:11:53.0941 4352 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:11:53.0941 4352 btwaudio - ok
16:11:53.0941 4352 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:11:53.0941 4352 btwavdt - ok
16:11:53.0957 4352 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
16:11:53.0972 4352 btwdins - ok
16:11:53.0972 4352 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:11:53.0972 4352 btwl2cap - ok
16:11:53.0988 4352 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:11:53.0988 4352 btwrchid - ok
16:11:53.0988 4352 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:11:53.0988 4352 cdfs - ok
16:11:53.0988 4352 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:11:53.0988 4352 cdrom - ok
16:11:53.0988 4352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:11:54.0004 4352 CertPropSvc - ok
16:11:54.0004 4352 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:11:54.0004 4352 circlass - ok
16:11:54.0004 4352 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:11:54.0004 4352 CLFS - ok
16:11:54.0019 4352 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:11:54.0019 4352 clr_optimization_v2.0.50727_32 - ok
16:11:54.0019 4352 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v2.0.50727_64 - ok
16:11:54.0035 4352 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v4.0.30319_32 - ok
16:11:54.0035 4352 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v4.0.30319_64 - ok
16:11:54.0050 4352 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:11:54.0050 4352 CmBatt - ok
16:11:54.0050 4352 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:11:54.0050 4352 cmdide - ok
16:11:54.0050 4352 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:11:54.0066 4352 CNG - ok
16:11:54.0066 4352 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:11:54.0066 4352 Compbatt - ok
16:11:54.0066 4352 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:11:54.0066 4352 CompositeBus - ok
16:11:54.0066 4352 COMSysApp - ok
16:11:54.0082 4352 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:11:54.0082 4352 cphs - ok
16:11:54.0082 4352 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:11:54.0097 4352 crcdisk - ok
16:11:54.0097 4352 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:11:54.0097 4352 CryptSvc - ok
16:11:54.0113 4352 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:11:54.0113 4352 CSC - ok
16:11:54.0113 4352 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:11:54.0113 4352 CscService - ok
16:11:54.0128 4352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:11:54.0128 4352 DcomLaunch - ok
16:11:54.0144 4352 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:11:54.0144 4352 defragsvc - ok
16:11:54.0144 4352 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:11:54.0144 4352 DfsC - ok
16:11:54.0144 4352 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:11:54.0160 4352 Dhcp - ok
16:11:54.0160 4352 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:11:54.0160 4352 discache - ok
16:11:54.0160 4352 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:11:54.0160 4352 Disk - ok
16:11:54.0160 4352 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:11:54.0160 4352 dmvsc - ok
16:11:54.0175 4352 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:11:54.0175 4352 Dnscache - ok
16:11:54.0175 4352 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:11:54.0175 4352 dot3svc - ok
16:11:54.0191 4352 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
16:11:54.0191 4352 DozeSvc - ok
16:11:54.0191 4352 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:11:54.0191 4352 DPS - ok
16:11:54.0191 4352 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:11:54.0191 4352 drmkaud - ok
16:11:54.0206 4352 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:11:54.0206 4352 DXGKrnl - ok
16:11:54.0206 4352 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
16:11:54.0206 4352 DzHDD64 - ok
16:11:54.0222 4352 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:11:54.0222 4352 e1cexpress - ok
16:11:54.0222 4352 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:11:54.0222 4352 EapHost - ok
16:11:54.0253 4352 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:11:54.0269 4352 ebdrv - ok
16:11:54.0269 4352 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:11:54.0284 4352 EFS - ok
16:11:54.0284 4352 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:11:54.0300 4352 ehRecvr - ok
16:11:54.0300 4352 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:11:54.0300 4352 ehSched - ok
16:11:54.0316 4352 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:11:54.0316 4352 elxstor - ok
16:11:54.0316 4352 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:11:54.0316 4352 ErrDev - ok
16:11:54.0331 4352 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:11:54.0331 4352 EventSystem - ok
16:11:54.0347 4352 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:11:54.0347 4352 EvtEng - ok
16:11:54.0347 4352 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:11:54.0347 4352 exfat - ok
16:11:54.0347 4352 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
16:11:54.0347 4352 Fastboot - ok
16:11:54.0362 4352 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
16:11:54.0362 4352 FastbootService - ok
16:11:54.0362 4352 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:11:54.0362 4352 fastfat - ok
16:11:54.0378 4352 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:11:54.0378 4352 Fax - ok
16:11:54.0378 4352 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:11:54.0378 4352 fdc - ok
16:11:54.0394 4352 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:11:54.0394 4352 fdPHost - ok
16:11:54.0394 4352 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:11:54.0394 4352 FDResPub - ok
16:11:54.0394 4352 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:11:54.0394 4352 FileInfo - ok
16:11:54.0394 4352 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:11:54.0394 4352 Filetrace - ok
16:11:54.0409 4352 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:11:54.0409 4352 flpydisk - ok
16:11:54.0409 4352 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:11:54.0409 4352 FltMgr - ok
16:11:54.0425 4352 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:11:54.0425 4352 FontCache - ok
16:11:54.0425 4352 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:11:54.0440 4352 FontCache3.0.0.0 - ok
16:11:54.0440 4352 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:11:54.0440 4352 FsDepends - ok
16:11:54.0440 4352 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:11:54.0440 4352 Fs_Rec - ok
16:11:54.0440 4352 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:11:54.0456 4352 fvevol - ok
16:11:54.0456 4352 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:11:54.0456 4352 gagp30kx - ok
16:11:54.0456 4352 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:11:54.0472 4352 gpsvc - ok
16:11:54.0472 4352 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:11:54.0472 4352 gupdate - ok
16:11:54.0472 4352 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:11:54.0472 4352 gupdatem - ok
16:11:54.0487 4352 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:11:54.0487 4352 gusvc - ok
16:11:54.0487 4352 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:11:54.0487 4352 hcw85cir - ok
16:11:54.0487 4352 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:11:54.0487 4352 HdAudAddService - ok
16:11:54.0503 4352 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:11:54.0503 4352 HDAudBus - ok
16:11:54.0503 4352 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:11:54.0503 4352 HidBatt - ok
16:11:54.0503 4352 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:11:54.0503 4352 HidBth - ok
16:11:54.0518 4352 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:11:54.0518 4352 HidIr - ok
16:11:54.0518 4352 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:11:54.0518 4352 hidserv - ok
16:11:54.0518 4352 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:11:54.0518 4352 HidUsb - ok
16:11:54.0534 4352 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:11:54.0534 4352 hkmsvc - ok
16:11:54.0534 4352 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:11:54.0534 4352 HomeGroupListener - ok
16:11:54.0534 4352 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:11:54.0534 4352 HomeGroupProvider - ok
16:11:54.0550 4352 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:11:54.0550 4352 HpSAMD - ok
16:11:54.0550 4352 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:11:54.0565 4352 HTTP - ok
16:11:54.0565 4352 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:11:54.0565 4352 hwpolicy - ok
16:11:54.0565 4352 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
16:11:54.0581 4352 HyperW7Svc - ok
16:11:54.0581 4352 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:11:54.0581 4352 i8042prt - ok
16:11:54.0581 4352 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:11:54.0596 4352 iaStor - ok
16:11:54.0596 4352 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:11:54.0596 4352 iaStorV - ok
16:11:54.0596 4352 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
16:11:54.0596 4352 IBMPMDRV - ok
16:11:54.0612 4352 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
16:11:54.0612 4352 IBMPMSVC - ok
16:11:54.0612 4352 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:11:54.0643 4352 idsvc - ok
16:11:54.0690 4352 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:11:54.0752 4352 igfx - ok
16:11:54.0752 4352 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:11:54.0752 4352 iirsp - ok
16:11:54.0768 4352 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:11:54.0768 4352 IKEEXT - ok
16:11:54.0784 4352 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:11:54.0784 4352 intaud_WaveExtensible - ok
16:11:54.0815 4352 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:11:54.0830 4352 IntcAzAudAddService - ok
16:11:54.0830 4352 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:11:54.0846 4352 Intel(R) Capability Licensing Service Interface - ok
16:11:54.0846 4352 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:11:54.0846 4352 intelide - ok
16:11:54.0846 4352 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:11:54.0846 4352 intelppm - ok
16:11:54.0846 4352 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:11:54.0846 4352 IPBusEnum - ok
16:11:54.0862 4352 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:54.0862 4352 IpFilterDriver - ok
16:11:54.0862 4352 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:11:54.0862 4352 iphlpsvc - ok
16:11:54.0877 4352 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:11:54.0877 4352 IPMIDRV - ok
16:11:54.0877 4352 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:11:54.0877 4352 IPNAT - ok
16:11:54.0877 4352 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:11:54.0877 4352 IRENUM - ok
16:11:54.0893 4352 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:11:54.0893 4352 isapnp - ok
16:11:54.0893 4352 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:11:54.0893 4352 iScsiPrt - ok
16:11:54.0893 4352 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:11:54.0893 4352 iusb3hcs - ok
16:11:54.0908 4352 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
16:11:54.0908 4352 iusb3hub - ok
16:11:54.0908 4352 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:11:54.0924 4352 iusb3xhc - ok
16:11:54.0924 4352 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
16:11:54.0924 4352 iwdbus - ok
16:11:54.0924 4352 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:11:54.0924 4352 jhi_service - ok
16:11:54.0940 4352 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:11:54.0940 4352 kbdclass - ok
16:11:54.0940 4352 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:11:54.0940 4352 kbdhid - ok
16:11:54.0940 4352 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:11:54.0940 4352 KeyIso - ok
16:11:54.0955 4352 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:11:54.0955 4352 KSecDD - ok
16:11:54.0955 4352 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:11:54.0955 4352 KSecPkg - ok
16:11:54.0955 4352 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:11:54.0955 4352 ksthunk - ok
16:11:54.0971 4352 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:11:54.0971 4352 KtmRm - ok
16:11:54.0971 4352 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:11:54.0971 4352 LanmanServer - ok
16:11:54.0986 4352 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:11:54.0986 4352 LanmanWorkstation - ok
16:11:54.0986 4352 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
16:11:54.0986 4352 LENOVO.CAMMUTE - ok
16:11:54.0986 4352 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
16:11:54.0986 4352 LENOVO.MICMUTE - ok
16:11:55.0002 4352 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
16:11:55.0002 4352 LENOVO.TPKNRSVC - ok
16:11:55.0002 4352 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
16:11:55.0002 4352 LENOVO.TVTVCAM - ok
16:11:55.0002 4352 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
16:11:55.0002 4352 Lenovo.VIRTSCRLSVC - ok
16:11:55.0018 4352 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
16:11:55.0018 4352 LenovoRd - ok
16:11:55.0018 4352 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:11:55.0018 4352 lltdio - ok
16:11:55.0018 4352 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:11:55.0018 4352 lltdsvc - ok
16:11:55.0033 4352 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:11:55.0033 4352 lmhosts - ok
16:11:55.0033 4352 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:11:55.0033 4352 LMS - ok
16:11:55.0033 4352 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:11:55.0049 4352 LSI_FC - ok
16:11:55.0049 4352 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:11:55.0049 4352 LSI_SAS - ok
16:11:55.0049 4352 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:11:55.0049 4352 LSI_SAS2 - ok
16:11:55.0049 4352 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:11:55.0049 4352 LSI_SCSI - ok
16:11:55.0064 4352 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:11:55.0064 4352 luafv - ok
16:11:55.0064 4352 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:11:55.0064 4352 MBAMProtector - ok
16:11:55.0064 4352 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:11:55.0080 4352 MBAMScheduler - ok
16:11:55.0080 4352 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:11:55.0080 4352 MBAMService - ok
16:11:55.0096 4352 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:11:55.0096 4352 Mcx2Svc - ok
16:11:55.0096 4352 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:11:55.0096 4352 megasas - ok
16:11:55.0096 4352 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:11:55.0096 4352 MegaSR - ok
16:11:55.0111 4352 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:11:55.0111 4352 MEIx64 - ok
16:11:55.0111 4352 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:11:55.0111 4352 Microsoft Office Groove Audit Service - ok
16:11:55.0127 4352 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:11:55.0127 4352 MMCSS - ok
16:11:55.0127 4352 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:11:55.0127 4352 Modem - ok
16:11:55.0127 4352 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:11:55.0127 4352 monitor - ok
16:11:55.0142 4352 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:11:55.0142 4352 mouclass - ok
16:11:55.0142 4352 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:11:55.0142 4352 mouhid - ok
16:11:55.0142 4352 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:11:55.0142 4352 mountmgr - ok
16:11:55.0142 4352 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:11:55.0142 4352 MozillaMaintenance - ok
16:11:55.0158 4352 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:11:55.0158 4352 mpio - ok
16:11:55.0158 4352 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:11:55.0158 4352 mpsdrv - ok
16:11:55.0174 4352 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:11:55.0174 4352 MpsSvc - ok
16:11:55.0174 4352 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:11:55.0174 4352 MRxDAV - ok
16:11:55.0189 4352 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:55.0189 4352 mrxsmb - ok
16:11:55.0189 4352 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:55.0189 4352 mrxsmb10 - ok
16:11:55.0205 4352 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:55.0205 4352 mrxsmb20 - ok
16:11:55.0205 4352 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:11:55.0205 4352 msahci - ok
16:11:55.0205 4352 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:11:55.0205 4352 msdsm - ok
16:11:55.0220 4352 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:11:55.0220 4352 MSDTC - ok
16:11:55.0220 4352 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:11:55.0220 4352 Msfs - ok
16:11:55.0220 4352 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:11:55.0236 4352 mshidkmdf - ok
16:11:55.0236 4352 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:11:55.0236 4352 msisadrv - ok
16:11:55.0236 4352 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:11:55.0236 4352 MSiSCSI - ok
16:11:55.0236 4352 msiserver - ok
16:11:55.0252 4352 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:11:55.0252 4352 MSKSSRV - ok
16:11:55.0252 4352 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:55.0252 4352 MSPCLOCK - ok
16:11:55.0252 4352 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:11:55.0252 4352 MSPQM - ok
16:11:55.0267 4352 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:11:55.0267 4352 MsRPC - ok
16:11:55.0267 4352 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:11:55.0267 4352 mssmbios - ok
16:11:55.0283 4352 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:11:55.0283 4352 MSTEE - ok
16:11:55.0283 4352 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:11:55.0283 4352 MTConfig - ok
16:11:55.0283 4352 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:11:55.0283 4352 Mup - ok
16:11:55.0283 4352 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:11:55.0298 4352 MyWiFiDHCPDNS - ok
16:11:55.0298 4352 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:11:55.0314 4352 napagent - ok
16:11:55.0314 4352 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:11:55.0314 4352 NativeWifiP - ok
16:11:55.0330 4352 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:11:55.0330 4352 NDIS - ok
16:11:55.0330 4352 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:55.0330 4352 NdisCap - ok
16:11:55.0330 4352 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:55.0345 4352 NdisTapi - ok
16:11:55.0345 4352 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:55.0345 4352 Ndisuio - ok
16:11:55.0345 4352 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:55.0345 4352 NdisWan - ok
16:11:55.0345 4352 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:11:55.0361 4352 NDProxy - ok
16:11:55.0361 4352 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:11:55.0361 4352 NetBIOS - ok
16:11:55.0361 4352 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:11:55.0361 4352 NetBT - ok
16:11:55.0361 4352 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:11:55.0376 4352 Netlogon - ok
16:11:55.0376 4352 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:11:55.0376 4352 Netman - ok
16:11:55.0376 4352 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:11:55.0392 4352 netprofm - ok
16:11:55.0392 4352 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:11:55.0392 4352 NetTcpPortSharing - ok
16:11:55.0470 4352 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
16:11:55.0532 4352 NETwNs64 - ok
16:11:55.0548 4352 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:11:55.0548 4352 nfrd960 - ok
16:11:55.0548 4352 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
16:11:55.0548 4352 NitroDriverReadSpool2 - ok
16:11:55.0564 4352 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:11:55.0564 4352 NlaSvc - ok
16:11:55.0564 4352 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:11:55.0564 4352 Npfs - ok
16:11:55.0564 4352 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:11:55.0564 4352 nsi - ok
16:11:55.0579 4352 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:11:55.0579 4352 nsiproxy - ok
16:11:55.0595 4352 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:11:55.0595 4352 Ntfs - ok
16:11:55.0610 4352 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:11:55.0610 4352 Null - ok
16:11:55.0610 4352 [ 65E6BB06A644533118BE007E9601B2C2 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
16:11:55.0610 4352 nvkflt - ok
16:11:55.0704 4352 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:11:55.0782 4352 nvlddmkm - ok
16:11:55.0782 4352 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:11:55.0782 4352 nvpciflt - ok
16:11:55.0798 4352 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:11:55.0798 4352 nvraid - ok
16:11:55.0798 4352 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:11:55.0798 4352 nvstor - ok
16:11:55.0813 4352 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
16:11:55.0813 4352 nvsvc - ok
16:11:55.0829 4352 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:11:55.0829 4352 nvUpdatusService - ok
16:11:55.0829 4352 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:11:55.0829 4352 nv_agp - ok
16:11:55.0844 4352 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:11:55.0844 4352 odserv - ok
16:11:55.0860 4352 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:11:55.0860 4352 ohci1394 - ok
16:11:55.0860 4352 [ 2B8E4C792BED0E5882702720BC528AE5 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:55.0860 4352 ose - ok
16:11:55.0907 4352 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:11:55.0922 4352 osppsvc - ok
16:11:55.0938 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:11:55.0938 4352 p2pimsvc - ok
16:11:55.0938 4352 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:11:55.0938 4352 p2psvc - ok
16:11:55.0954 4352 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:11:55.0954 4352 Parport - ok
16:11:55.0954 4352 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:11:55.0954 4352 partmgr - ok
16:11:55.0954 4352 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:11:55.0954 4352 PcaSvc - ok
16:11:55.0969 4352 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:11:55.0969 4352 pci - ok
16:11:55.0969 4352 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:11:55.0969 4352 pciide - ok
16:11:55.0969 4352 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:11:55.0969 4352 pcmcia - ok
16:11:55.0985 4352 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:11:55.0985 4352 pcw - ok
16:11:55.0985 4352 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:11:55.0985 4352 PEAUTH - ok
16:11:56.0000 4352 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:11:56.0016 4352 PeerDistSvc - ok
16:11:56.0032 4352 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:11:56.0032 4352 PerfHost - ok
16:11:56.0032 4352 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
16:11:56.0032 4352 PHCORE - ok
16:11:56.0047 4352 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:11:56.0063 4352 pla - ok
16:11:56.0063 4352 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:11:56.0063 4352 PlugPlay - ok
16:11:56.0078 4352 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:11:56.0078 4352 PNRPAutoReg - ok
16:11:56.0078 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:11:56.0078 4352 PNRPsvc - ok
16:11:56.0094 4352 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:11:56.0094 4352 PolicyAgent - ok
16:11:56.0094 4352 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
16:11:56.0110 4352 Power - ok
16:11:56.0110 4352 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
16:11:56.0125 4352 Power Manager DBC Service - ok
16:11:56.0125 4352 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:11:56.0125 4352 PptpMiniport - ok
16:11:56.0141 4352 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:11:56.0141 4352 Processor - ok
16:11:56.0141 4352 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:11:56.0141 4352 ProfSvc - ok
16:11:56.0141 4352 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:11:56.0141 4352 ProtectedStorage - ok
16:11:56.0156 4352 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
16:11:56.0156 4352 psadd - ok
16:11:56.0156 4352 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:11:56.0156 4352 Psched - ok
16:11:56.0156 4352 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:11:56.0156 4352 PSI_SVC_2 - ok
16:11:56.0172 4352 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
16:11:56.0188 4352 PwmEWSvc - ok
16:11:56.0203 4352 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:11:56.0219 4352 ql2300 - ok
16:11:56.0219 4352 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:11:56.0219 4352 ql40xx - ok
16:11:56.0219 4352 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:11:56.0234 4352 QWAVE - ok
16:11:56.0234 4352 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:11:56.0234 4352 QWAVEdrv - ok
16:11:56.0234 4352 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:11:56.0234 4352 RasAcd - ok
16:11:56.0234 4352 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:11:56.0250 4352 RasAgileVpn - ok
16:11:56.0250 4352 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:11:56.0250 4352 RasAuto - ok
16:11:56.0250 4352 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:11:56.0250 4352 Rasl2tp - ok
16:11:56.0266 4352 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:11:56.0266 4352 RasMan - ok
16:11:56.0266 4352 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:56.0266 4352 RasPppoe - ok
16:11:56.0266 4352 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:11:56.0266 4352 RasSstp - ok
16:11:56.0281 4352 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:11:56.0281 4352 rdbss - ok
16:11:56.0281 4352 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:11:56.0281 4352 rdpbus - ok
16:11:56.0281 4352 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:11:56.0281 4352 RDPCDD - ok
16:11:56.0297 4352 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:11:56.0297 4352 RDPDR - ok
16:11:56.0297 4352 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:11:56.0297 4352 RDPENCDD - ok
16:11:56.0297 4352 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:11:56.0297 4352 RDPREFMP - ok
16:11:56.0312 4352 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:11:56.0312 4352 RdpVideoMiniport - ok
16:11:56.0312 4352 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:11:56.0312 4352 RDPWD - ok
16:11:56.0328 4352 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:11:56.0328 4352 rdyboost - ok
16:11:56.0328 4352 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:11:56.0328 4352 RegSrvc - ok
16:11:56.0328 4352 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:11:56.0328 4352 RemoteAccess - ok
16:11:56.0344 4352 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:11:56.0344 4352 RemoteRegistry - ok
16:11:56.0344 4352 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:11:56.0344 4352 RFCOMM - ok
16:11:56.0359 4352 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
16:11:56.0359 4352 risdxc - ok
16:11:56.0359 4352 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:11:56.0359 4352 RpcEptMapper - ok
16:11:56.0359 4352 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:11:56.0359 4352 RpcLocator - ok
16:11:56.0375 4352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:11:56.0375 4352 RpcSs - ok
16:11:56.0375 4352 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:11:56.0375 4352 rspndr - ok
16:11:56.0375 4352 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:11:56.0390 4352 s3cap - ok
16:11:56.0390 4352 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:11:56.0390 4352 SamSs - ok
16:11:56.0390 4352 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:11:56.0390 4352 sbp2port - ok
16:11:56.0390 4352 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:11:56.0406 4352 SCardSvr - ok
16:11:56.0406 4352 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:11:56.0406 4352 scfilter - ok
16:11:56.0406 4352 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:11:56.0422 4352 Schedule - ok
16:11:56.0422 4352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:11:56.0422 4352 SCPolicySvc - ok
16:11:56.0437 4352 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:11:56.0437 4352 SDRSVC - ok
16:11:56.0437 4352 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:11:56.0437 4352 secdrv - ok
16:11:56.0437 4352 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:11:56.0437 4352 seclogon - ok
16:11:56.0453 4352 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:11:56.0453 4352 SENS - ok
16:11:56.0453 4352 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:11:56.0453 4352 SensrSvc - ok
16:11:56.0453 4352 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:11:56.0453 4352 Serenum - ok
16:11:56.0468 4352 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:11:56.0468 4352 Serial - ok
16:11:56.0468 4352 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:11:56.0468 4352 sermouse - ok
16:11:56.0484 4352 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:11:56.0484 4352 SessionEnv - ok
16:11:56.0484 4352 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:11:56.0484 4352 sffdisk - ok
16:11:56.0484 4352 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:11:56.0484 4352 sffp_mmc - ok
16:11:56.0500 4352 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:11:56.0500 4352 sffp_sd - ok
16:11:56.0500 4352 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:11:56.0500 4352 sfloppy - ok
16:11:56.0500 4352 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:11:56.0500 4352 SharedAccess - ok
16:11:56.0515 4352 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:11:56.0515 4352 ShellHWDetection - ok
16:11:56.0515 4352 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
16:11:56.0515 4352 Shockprf - ok
16:11:56.0531 4352 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:11:56.0531 4352 SiSRaid2 - ok
16:11:56.0531 4352 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:11:56.0531 4352 SiSRaid4 - ok
16:11:56.0531 4352 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:11:56.0531 4352 SkypeUpdate - ok
16:11:56.0531 4352 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:11:56.0531 4352 Smb - ok
16:11:56.0546 4352 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
16:11:56.0546 4352 smihlp - ok
16:11:56.0546 4352 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:11:56.0546 4352 SNMPTRAP - ok
16:11:56.0562 4352 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:11:56.0562 4352 spldr - ok
16:11:56.0562 4352 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:11:56.0562 4352 Spooler - ok
16:11:56.0593 4352 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:11:56.0609 4352 sppsvc - ok
16:11:56.0609 4352 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:11:56.0624 4352 sppuinotify - ok
16:11:56.0624 4352 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:11:56.0624 4352 srv - ok
16:11:56.0640 4352 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:11:56.0640 4352 srv2 - ok
16:11:56.0640 4352 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:11:56.0640 4352 srvnet - ok
16:11:56.0640 4352 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:11:56.0656 4352 SSDPSRV - ok
16:11:56.0656 4352 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:11:56.0656 4352 SstpSvc - ok
16:11:56.0656 4352 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:11:56.0656 4352 Stereo Service - ok
16:11:56.0671 4352 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:11:56.0671 4352 stexstor - ok
16:11:56.0671 4352 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:11:56.0671 4352 stisvc - ok
16:11:56.0687 4352 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:11:56.0687 4352 storflt - ok
16:11:56.0687 4352 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
16:11:56.0687 4352 StorSvc - ok
16:11:56.0687 4352 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:11:56.0687 4352 storvsc - ok
16:11:56.0702 4352 [ 5D8B9129DA2EB060BC9346FD9724632E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
16:11:56.0702 4352 SUService - ok
16:11:56.0702 4352 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:11:56.0702 4352 swenum - ok
16:11:56.0702 4352 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:11:56.0718 4352 swprv - ok
16:11:56.0718 4352 [ 883D2880144FD3ED9F1C04B5B5B9B562 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:11:56.0718 4352 SynTP - ok
16:11:56.0734 4352 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:11:56.0749 4352 SysMain - ok
16:11:56.0749 4352 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:11:56.0749 4352 TabletInputService - ok
16:11:56.0749 4352 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:11:56.0765 4352 TapiSrv - ok
16:11:56.0765 4352 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:11:56.0765 4352 TBS - ok
16:11:56.0780 4352 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:11:56.0796 4352 Tcpip - ok
16:11:56.0812 4352 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:11:56.0812 4352 TCPIP6 - ok
16:11:56.0827 4352 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:11:56.0827 4352 tcpipreg - ok
16:11:56.0827 4352 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:11:56.0827 4352 TDPIPE - ok
16:11:56.0827 4352 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:11:56.0827 4352 TDTCP - ok
16:11:56.0843 4352 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:11:56.0843 4352 tdx - ok
16:11:56.0843 4352 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:11:56.0843 4352 TermDD - ok
16:11:56.0843 4352 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:11:56.0858 4352 TermService - ok
16:11:56.0858 4352 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:11:56.0858 4352 Themes - ok
16:11:56.0858 4352 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:11:56.0874 4352 THREADORDER - ok
16:11:56.0874 4352 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
16:11:56.0874 4352 TPDIGIMN - ok
16:11:56.0874 4352 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
16:11:56.0874 4352 TPHDEXLGSVC - ok
16:11:56.0874 4352 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
16:11:56.0890 4352 TPHKLOAD - ok
16:11:56.0890 4352 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
16:11:56.0890 4352 TPHKSVC - ok
16:11:56.0890 4352 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
16:11:56.0890 4352 TPM - ok
16:11:56.0890 4352 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
16:11:56.0890 4352 TPPWRIF - ok
16:11:56.0905 4352 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:11:56.0905 4352 TrkWks - ok
16:11:56.0905 4352 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:56.0905 4352 TrustedInstaller - ok
16:11:56.0921 4352 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:11:56.0921 4352 tssecsrv - ok
16:11:56.0921 4352 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:11:56.0921 4352 TsUsbFlt - ok
16:11:56.0921 4352 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:11:56.0921 4352 TsUsbGD - ok
16:11:56.0921 4352 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:11:56.0936 4352 tunnel - ok
16:11:56.0936 4352 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
16:11:56.0936 4352 TVTI2C - ok
16:11:56.0936 4352 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
16:11:56.0936 4352 tvtvcamd - ok
16:11:56.0936 4352 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:11:56.0936 4352 uagp35 - ok
16:11:56.0952 4352 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:11:56.0952 4352 udfs - ok
16:11:56.0952 4352 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:11:56.0952 4352 UI0Detect - ok
16:11:56.0968 4352 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
16:11:56.0968 4352 UleadBurningHelper - ok
16:11:56.0968 4352 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:11:56.0968 4352 uliagpkx - ok
16:11:56.0968 4352 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:11:56.0968 4352 umbus - ok
16:11:56.0983 4352 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:11:56.0983 4352 UmPass - ok
16:11:56.0983 4352 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
16:11:56.0983 4352 UmRdpService - ok
16:11:56.0983 4352 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:11:56.0999 4352 UNS - ok
16:11:56.0999 4352 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:11:56.0999 4352 upnphost - ok
16:11:56.0999 4352 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:11:56.0999 4352 usbccgp - ok
16:11:57.0014 4352 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:11:57.0014 4352 usbcir - ok
16:11:57.0014 4352 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:11:57.0014 4352 usbehci - ok
16:11:57.0014 4352 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:11:57.0030 4352 usbhub - ok
16:11:57.0030 4352 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:11:57.0030 4352 usbohci - ok
16:11:57.0030 4352 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:11:57.0030 4352 usbprint - ok
16:11:57.0030 4352 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:11:57.0030 4352 usbscan - ok
16:11:57.0046 4352 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:11:57.0046 4352 USBSTOR - ok
16:11:57.0046 4352 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:11:57.0046 4352 usbuhci - ok
16:11:57.0046 4352 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:11:57.0046 4352 usbvideo - ok
16:11:57.0046 4352 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:11:57.0061 4352 UxSms - ok
16:11:57.0061 4352 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:11:57.0061 4352 VaultSvc - ok
16:11:57.0061 4352 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:11:57.0061 4352 vdrvroot - ok
16:11:57.0077 4352 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:11:57.0077 4352 vds - ok
16:11:57.0077 4352 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:11:57.0077 4352 vga - ok
16:11:57.0092 4352 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:11:57.0092 4352 VgaSave - ok
16:11:57.0092 4352 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:11:57.0092 4352 vhdmp - ok
16:11:57.0092 4352 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:11:57.0092 4352 viaide - ok
16:11:57.0108 4352 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
16:11:57.0108 4352 VIPAppService - ok
16:11:57.0108 4352 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:11:57.0108 4352 vmbus - ok
16:11:57.0108 4352 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:11:57.0108 4352 VMBusHID - ok
16:11:57.0124 4352 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:11:57.0124 4352 volmgr - ok
16:11:57.0124 4352 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:11:57.0124 4352 volmgrx - ok
16:11:57.0124 4352 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:11:57.0139 4352 volsnap - ok
16:11:57.0139 4352 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:11:57.0139 4352 vsmraid - ok
16:11:57.0155 4352 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:11:57.0170 4352 VSS - ok
16:11:57.0170 4352 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:11:57.0170 4352 vwifibus - ok
16:11:57.0170 4352 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:11:57.0170 4352 vwififlt - ok
16:11:57.0170 4352 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:11:57.0170 4352 vwifimp - ok
16:11:57.0186 4352 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:11:57.0186 4352 W32Time - ok
16:11:57.0186 4352 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:11:57.0186 4352 WacomPen - ok
16:11:57.0202 4352 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:11:57.0202 4352 WANARP - ok
16:11:57.0202 4352 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:11:57.0202 4352 Wanarpv6 - ok
16:11:57.0217 4352 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:11:57.0217 4352 wbengine - ok
16:11:57.0233 4352 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:11:57.0233 4352 WbioSrvc - ok
16:11:57.0233 4352 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:11:57.0248 4352 wcncsvc - ok
16:11:57.0248 4352 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:57.0248 4352 WcsPlugInService - ok
16:11:57.0248 4352 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:11:57.0248 4352 Wd - ok
16:11:57.0264 4352 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:11:57.0264 4352 Wdf01000 - ok
16:11:57.0264 4352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:11:57.0264 4352 WdiServiceHost - ok
16:11:57.0264 4352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:11:57.0280 4352 WdiSystemHost - ok
16:11:57.0280 4352 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:11:57.0280 4352 WebClient - ok
16:11:57.0280 4352 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:11:57.0295 4352 Wecsvc - ok
16:11:57.0295 4352 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:11:57.0295 4352 wercplsupport - ok
16:11:57.0295 4352 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:11:57.0295 4352 WerSvc - ok
16:11:57.0311 4352 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:11:57.0311 4352 WfpLwf - ok
16:11:57.0311 4352 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:11:57.0311 4352 WIMMount - ok
16:11:57.0311 4352 WinDefend - ok
16:11:57.0311 4352 WinHttpAutoProxySvc - ok
16:11:57.0326 4352 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:11:57.0326 4352 Winmgmt - ok
16:11:57.0342 4352 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:11:57.0358 4352 WinRM - ok
16:11:57.0358 4352 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
16:11:57.0358 4352 WinUsb - ok
16:11:57.0373 4352 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:11:57.0373 4352 Wlansvc - ok
16:11:57.0389 4352 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:11:57.0389 4352 wlcrasvc - ok
16:11:57.0404 4352 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:11:57.0420 4352 wlidsvc - ok
16:11:57.0420 4352 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:11:57.0420 4352 WmiAcpi - ok
16:11:57.0436 4352 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:11:57.0436 4352 wmiApSrv - ok
16:11:57.0436 4352 WMPNetworkSvc - ok
16:11:57.0436 4352 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:11:57.0451 4352 WPCSvc - ok
16:11:57.0451 4352 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:11:57.0451 4352 WPDBusEnum - ok
16:11:57.0451 4352 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:11:57.0451 4352 ws2ifsl - ok
16:11:57.0467 4352 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:11:57.0467 4352 wscsvc - ok
16:11:57.0467 4352 WSearch - ok
16:11:57.0482 4352 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:11:57.0498 4352 wuauserv - ok
16:11:57.0498 4352 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:11:57.0498 4352 WudfPf - ok
16:11:57.0514 4352 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:57.0514 4352 WUDFRd - ok
16:11:57.0514 4352 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:11:57.0514 4352 wudfsvc - ok
16:11:57.0529 4352 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:11:57.0529 4352 WwanSvc - ok
16:11:57.0545 4352 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:11:57.0560 4352 ZeroConfigService - ok
16:11:57.0576 4352 ================ Scan global ===============================
16:11:57.0576 4352 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:11:57.0576 4352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:11:57.0576 4352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:11:57.0592 4352 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:11:57.0592 4352 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:11:57.0592 4352 [Global] - ok
16:11:57.0592 4352 ================ Scan MBR ==================================
16:11:57.0592 4352 [ C325549D07816418609926B52AB3DE9C ] \Device\Harddisk0\DR0
16:11:57.0638 4352 \Device\Harddisk0\DR0 - ok
16:11:57.0638 4352 ================ Scan VBR ==================================
16:11:57.0638 4352 [ 0D68217E0CBDCC8805330F6D84618CC7 ] \Device\Harddisk0\DR0\Partition1
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition1 - ok
16:11:57.0638 4352 [ 396714E6EF2A4F3B63FB7A386838581C ] \Device\Harddisk0\DR0\Partition2
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition2 - ok
16:11:57.0638 4352 [ 0A6C061F61DF224F4DEF20B3BABAE1AA ] \Device\Harddisk0\DR0\Partition3
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition3 - ok
16:11:57.0638 4352 ============================================================
16:11:57.0638 4352 Scan finished
16:11:57.0638 4352 ============================================================
16:11:57.0654 5820 Detected object count: 0
16:11:57.0654 5820 Actual detected object count: 0
16:12:30.0929 6660 ============================================================
16:12:30.0929 6660 Scan started
16:12:30.0929 6660 Mode: Manual;
16:12:30.0929 6660 ============================================================
16:12:31.0038 6660 ================ Scan system memory ========================
16:12:31.0038 6660 System memory - ok
16:12:31.0038 6660 ================ Scan services =============================
16:12:31.0069 6660 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:12:31.0069 6660 1394ohci - ok
16:12:31.0069 6660 [ 1F305C858E7B5E537C9B783D46243A7A ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
16:12:31.0069 6660 5U877 - ok
16:12:31.0085 6660 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:12:31.0085 6660 ACPI - ok
16:12:31.0085 6660 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:12:31.0085 6660 AcpiPmi - ok
16:12:31.0085 6660 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:31.0085 6660 AdobeARMservice - ok
16:12:31.0100 6660 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:31.0100 6660 AdobeFlashPlayerUpdateSvc - ok
16:12:31.0100 6660 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:12:31.0116 6660 adp94xx - ok
16:12:31.0116 6660 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:12:31.0116 6660 adpahci - ok
16:12:31.0116 6660 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:12:31.0116 6660 adpu320 - ok
16:12:31.0132 6660 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:12:31.0132 6660 AeLookupSvc - ok
16:12:31.0132 6660 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:12:31.0132 6660 AFD - ok
16:12:31.0147 6660 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:12:31.0147 6660 agp440 - ok
16:12:31.0147 6660 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:12:31.0147 6660 ALG - ok
16:12:31.0147 6660 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:12:31.0147 6660 aliide - ok
16:12:31.0147 6660 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:12:31.0163 6660 amdide - ok
16:12:31.0163 6660 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:12:31.0163 6660 AmdK8 - ok
16:12:31.0163 6660 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:12:31.0163 6660 AmdPPM - ok
16:12:31.0163 6660 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:12:31.0163 6660 amdsata - ok
16:12:31.0178 6660 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:12:31.0178 6660 amdsbs - ok
16:12:31.0178 6660 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:12:31.0178 6660 amdxata - ok
16:12:31.0178 6660 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:12:31.0178 6660 AntiVirSchedulerService - ok
16:12:31.0194 6660 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:12:31.0194 6660 AntiVirService - ok
16:12:31.0194 6660 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:12:31.0194 6660 AppID - ok
16:12:31.0194 6660 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:12:31.0194 6660 AppIDSvc - ok
16:12:31.0210 6660 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:12:31.0210 6660 Appinfo - ok
16:12:31.0210 6660 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:12:31.0210 6660 AppMgmt - ok
16:12:31.0210 6660 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:12:31.0210 6660 arc - ok
16:12:31.0210 6660 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:12:31.0225 6660 arcsas - ok
16:12:31.0225 6660 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:31.0225 6660 AsyncMac - ok
16:12:31.0225 6660 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:12:31.0225 6660 atapi - ok
16:12:31.0241 6660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:12:31.0241 6660 AudioEndpointBuilder - ok
16:12:31.0241 6660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:12:31.0241 6660 AudioSrv - ok
16:12:31.0256 6660 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:12:31.0256 6660 avgntflt - ok
16:12:31.0256 6660 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:12:31.0256 6660 avipbb - ok
16:12:31.0256 6660 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:12:31.0256 6660 avkmgr - ok
16:12:31.0272 6660 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:12:31.0272 6660 AxInstSV - ok
16:12:31.0272 6660 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:12:31.0272 6660 b06bdrv - ok
16:12:31.0288 6660 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:31.0288 6660 b57nd60a - ok
16:12:31.0288 6660 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
16:12:31.0288 6660 bcbtums - ok
16:12:31.0288 6660 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:12:31.0288 6660 BDESVC - ok
16:12:31.0303 6660 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:12:31.0303 6660 Beep - ok
16:12:31.0303 6660 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:12:31.0303 6660 BFE - ok
16:12:31.0319 6660 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:12:31.0319 6660 BITS - ok
16:12:31.0319 6660 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:12:31.0319 6660 blbdrive - ok
16:12:31.0334 6660 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:12:31.0334 6660 bowser - ok
16:12:31.0334 6660 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:12:31.0334 6660 BrFiltLo - ok
16:12:31.0334 6660 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:12:31.0334 6660 BrFiltUp - ok
16:12:31.0350 6660 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:12:31.0350 6660 Browser - ok
16:12:31.0350 6660 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:12:31.0350 6660 Brserid - ok
16:12:31.0350 6660 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:31.0350 6660 BrSerWdm - ok
16:12:31.0366 6660 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:31.0366 6660 BrUsbMdm - ok
16:12:31.0366 6660 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:31.0366 6660 BrUsbSer - ok
16:12:31.0366 6660 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:12:31.0366 6660 BthEnum - ok
16:12:31.0366 6660 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:12:31.0366 6660 BTHMODEM - ok
16:12:31.0381 6660 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:12:31.0381 6660 BthPan - ok
16:12:31.0381 6660 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:12:31.0381 6660 BTHPORT - ok
16:12:31.0397 6660 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:12:31.0397 6660 bthserv - ok
16:12:31.0397 6660 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:12:31.0397 6660 BTHUSB - ok
16:12:31.0397 6660 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
16:12:31.0412 6660 btwampfl - ok
16:12:31.0412 6660 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:12:31.0412 6660 btwaudio - ok
16:12:31.0412 6660 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:12:31.0412 6660 btwavdt - ok
16:12:31.0428 6660 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
16:12:31.0428 6660 btwdins - ok
16:12:31.0428 6660 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:12:31.0444 6660 btwl2cap - ok
16:12:31.0444 6660 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:12:31.0444 6660 btwrchid - ok
16:12:31.0444 6660 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:12:31.0444 6660 cdfs - ok
16:12:31.0444 6660 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:12:31.0444 6660 cdrom - ok
16:12:31.0459 6660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:12:31.0459 6660 CertPropSvc - ok
16:12:31.0459 6660 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:12:31.0459 6660 circlass - ok
16:12:31.0459 6660 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:12:31.0475 6660 CLFS - ok
16:12:31.0475 6660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:31.0475 6660 clr_optimization_v2.0.50727_32 - ok
16:12:31.0475 6660 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:31.0475 6660 clr_optimization_v2.0.50727_64 - ok
16:12:31.0490 6660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:31.0490 6660 clr_optimization_v4.0.30319_32 - ok
16:12:31.0490 6660 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:31.0490 6660 clr_optimization_v4.0.30319_64 - ok
16:12:31.0490 6660 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:12:31.0490 6660 CmBatt - ok
16:12:31.0506 6660 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:12:31.0506 6660 cmdide - ok
16:12:31.0506 6660 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:12:31.0506 6660 CNG - ok
16:12:31.0506 6660 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:12:31.0506 6660 Compbatt - ok
16:12:31.0522 6660 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:12:31.0522 6660 CompositeBus - ok
16:12:31.0522 6660 COMSysApp - ok
16:12:31.0522 6660 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:12:31.0522 6660 cphs - ok
16:12:31.0537 6660 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:12:31.0537 6660 crcdisk - ok
16:12:31.0537 6660 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:12:31.0537 6660 CryptSvc - ok
16:12:31.0553 6660 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:12:31.0553 6660 CSC - ok
16:12:31.0553 6660 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:12:31.0553 6660 CscService - ok
16:12:31.0568 6660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:12:31.0568 6660 DcomLaunch - ok
16:12:31.0584 6660 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:12:31.0584 6660 defragsvc - ok
16:12:31.0584 6660 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:12:31.0584 6660 DfsC - ok
16:12:31.0584 6660 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:12:31.0584 6660 Dhcp - ok
16:12:31.0600 6660 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:12:31.0600 6660 discache - ok
16:12:31.0600 6660 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:12:31.0600 6660 Disk - ok
16:12:31.0600 6660 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:12:31.0600 6660 dmvsc - ok
16:12:31.0600 6660 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:12:31.0615 6660 Dnscache - ok
16:12:31.0615 6660 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:12:31.0615 6660 dot3svc - ok
16:12:31.0615 6660 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
16:12:31.0631 6660 DozeSvc - ok
16:12:31.0631 6660 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:12:31.0631 6660 DPS - ok
16:12:31.0631 6660 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:12:31.0631 6660 drmkaud - ok
16:12:31.0646 6660 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:12:31.0646 6660 DXGKrnl - ok
16:12:31.0646 6660 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
16:12:31.0646 6660 DzHDD64 - ok
16:12:31.0662 6660 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:12:31.0662 6660 e1cexpress - ok
16:12:31.0662 6660 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:12:31.0662 6660 EapHost - ok
16:12:31.0693 6660 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:12:31.0693 6660 ebdrv - ok
16:12:31.0709 6660 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:12:31.0709 6660 EFS - ok
16:12:31.0709 6660 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:12:31.0709 6660 ehRecvr - ok
16:12:31.0724 6660 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:12:31.0724 6660 ehSched - ok
16:12:31.0724 6660 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:12:31.0724 6660 elxstor - ok
16:12:31.0740 6660 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:12:31.0740 6660 ErrDev - ok
16:12:31.0740 6660 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:12:31.0740 6660 EventSystem - ok
16:12:31.0756 6660 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:12:31.0756 6660 EvtEng - ok
16:12:31.0756 6660 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:12:31.0756 6660 exfat - ok
16:12:31.0771 6660 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
16:12:31.0771 6660 Fastboot - ok
16:12:31.0771 6660 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
16:12:31.0771 6660 FastbootService - ok
16:12:31.0771 6660 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:12:31.0771 6660 fastfat - ok
16:12:31.0787 6660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:12:31.0787 6660 Fax - ok
16:12:31.0787 6660 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:12:31.0787 6660 fdc - ok
16:12:31.0787 6660 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:12:31.0802 6660 fdPHost - ok
16:12:31.0802 6660 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:12:31.0802 6660 FDResPub - ok
16:12:31.0802 6660 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:12:31.0802 6660 FileInfo - ok
16:12:31.0802 6660 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:12:31.0802 6660 Filetrace - ok
16:12:31.0818 6660 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:12:31.0818 6660 flpydisk - ok
16:12:31.0818 6660 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:12:31.0818 6660 FltMgr - ok
16:12:31.0834 6660 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:12:31.0834 6660 FontCache - ok
16:12:31.0834 6660 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:31.0834 6660 FontCache3.0.0.0 - ok
16:12:31.0849 6660 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:12:31.0849 6660 FsDepends - ok
16:12:31.0849 6660 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:12:31.0849 6660 Fs_Rec - ok
16:12:31.0849 6660 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:12:31.0849 6660 fvevol - ok
16:12:31.0865 6660 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:12:31.0865 6660 gagp30kx - ok
16:12:31.0865 6660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:12:31.0865 6660 gpsvc - ok
16:12:31.0880 6660 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:31.0880 6660 gupdate - ok
16:12:31.0880 6660 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:31.0880 6660 gupdatem - ok
16:12:31.0880 6660 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:12:31.0880 6660 gusvc - ok
16:12:31.0896 6660 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:12:31.0896 6660 hcw85cir - ok
16:12:31.0896 6660 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:31.0896 6660 HdAudAddService - ok
16:12:31.0896 6660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:12:31.0912 6660 HDAudBus - ok
16:12:31.0912 6660 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:12:31.0912 6660 HidBatt - ok
16:12:31.0912 6660 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:12:31.0912 6660 HidBth - ok
16:12:31.0912 6660 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:12:31.0912 6660 HidIr - ok
16:12:31.0927 6660 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:12:31.0927 6660 hidserv - ok
16:12:31.0927 6660 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:12:31.0927 6660 HidUsb - ok
16:12:31.0927 6660 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:12:31.0927 6660 hkmsvc - ok
16:12:31.0943 6660 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:31.0943 6660 HomeGroupListener - ok
16:12:31.0943 6660 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:31.0943 6660 HomeGroupProvider - ok
16:12:31.0943 6660 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:12:31.0943 6660 HpSAMD - ok
16:12:31.0958 6660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:12:31.0958 6660 HTTP - ok
16:12:31.0958 6660 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:12:31.0958 6660 hwpolicy - ok
16:12:31.0974 6660 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
16:12:31.0974 6660 HyperW7Svc - ok
16:12:31.0974 6660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:12:31.0974 6660 i8042prt - ok
16:12:31.0990 6660 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:12:31.0990 6660 iaStor - ok
16:12:31.0990 6660 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:12:31.0990 6660 iaStorV - ok
16:12:31.0990 6660 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
16:12:31.0990 6660 IBMPMDRV - ok
16:12:32.0005 6660 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
16:12:32.0005 6660 IBMPMSVC - ok
16:12:32.0005 6660 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:32.0021 6660 idsvc - ok
16:12:32.0068 6660 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:12:32.0099 6660 igfx - ok
16:12:32.0114 6660 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:12:32.0114 6660 iirsp - ok
16:12:32.0114 6660 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:12:32.0130 6660 IKEEXT - ok
16:12:32.0130 6660 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:12:32.0130 6660 intaud_WaveExtensible - ok
16:12:32.0161 6660 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:12:32.0177 6660 IntcAzAudAddService - ok
16:12:32.0192 6660 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:12:32.0192 6660 Intel(R) Capability Licensing Service Interface - ok
16:12:32.0192 6660 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:12:32.0192 6660 intelide - ok
16:12:32.0192 6660 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:12:32.0208 6660 intelppm - ok
16:12:32.0208 6660 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:12:32.0208 6660 IPBusEnum - ok
16:12:32.0208 6660 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:32.0208 6660 IpFilterDriver - ok
16:12:32.0224 6660 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:12:32.0224 6660 iphlpsvc - ok
16:12:32.0224 6660 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:12:32.0224 6660 IPMIDRV - ok
16:12:32.0224 6660 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:12:32.0224 6660 IPNAT - ok
16:12:32.0239 6660 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:12:32.0239 6660 IRENUM - ok
16:12:32.0239 6660 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:12:32.0239 6660 isapnp - ok
16:12:32.0239 6660 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:12:32.0239 6660 iScsiPrt - ok
16:12:32.0255 6660 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:12:32.0255 6660 iusb3hcs - ok
16:12:32.0255 6660 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
16:12:32.0255 6660 iusb3hub - ok
16:12:32.0270 6660 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:12:32.0270 6660 iusb3xhc - ok
16:12:32.0270 6660 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
16:12:32.0270 6660 iwdbus - ok
16:12:32.0286 6660 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:12:32.0286 6660 jhi_service - ok
16:12:32.0286 6660 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:12:32.0286 6660 kbdclass - ok
16:12:32.0286 6660 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:12:32.0286 6660 kbdhid - ok
16:12:32.0286 6660 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:12:32.0286 6660 KeyIso - ok
16:12:32.0302 6660 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:12:32.0302 6660 KSecDD - ok
16:12:32.0302 6660 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:12:32.0302 6660 KSecPkg - ok
16:12:32.0302 6660 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:12:32.0302 6660 ksthunk - ok
16:12:32.0317 6660 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:12:32.0317 6660 KtmRm - ok
16:12:32.0317 6660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:12:32.0317 6660 LanmanServer - ok
16:12:32.0333 6660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:12:32.0333 6660 LanmanWorkstation - ok
16:12:32.0333 6660 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
16:12:32.0333 6660 LENOVO.CAMMUTE - ok
16:12:32.0333 6660 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
16:12:32.0348 6660 LENOVO.MICMUTE - ok
16:12:32.0348 6660 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
16:12:32.0348 6660 LENOVO.TPKNRSVC - ok
|
|
08.03.2013, 16:31
| #3 |
| | Windows 7 Taskleiste friert ein nach Start Weil zu lang, hier der zweite Teil des Logs:
__________________Code:
ATTFilter 16:12:32.0348 6660 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
16:12:32.0348 6660 LENOVO.TVTVCAM - ok
16:12:32.0348 6660 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
16:12:32.0348 6660 Lenovo.VIRTSCRLSVC - ok
16:12:32.0364 6660 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
16:12:32.0364 6660 LenovoRd - ok
16:12:32.0364 6660 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:12:32.0364 6660 lltdio - ok
16:12:32.0364 6660 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:12:32.0364 6660 lltdsvc - ok
16:12:32.0380 6660 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:12:32.0380 6660 lmhosts - ok
16:12:32.0380 6660 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:12:32.0380 6660 LMS - ok
16:12:32.0380 6660 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:12:32.0380 6660 LSI_FC - ok
16:12:32.0395 6660 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:12:32.0395 6660 LSI_SAS - ok
16:12:32.0395 6660 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:12:32.0395 6660 LSI_SAS2 - ok
16:12:32.0395 6660 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:12:32.0395 6660 LSI_SCSI - ok
16:12:32.0411 6660 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:12:32.0411 6660 luafv - ok
16:12:32.0411 6660 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:12:32.0411 6660 MBAMProtector - ok
16:12:32.0411 6660 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:12:32.0411 6660 MBAMScheduler - ok
16:12:32.0426 6660 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:12:32.0426 6660 MBAMService - ok
16:12:32.0426 6660 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:12:32.0426 6660 Mcx2Svc - ok
16:12:32.0442 6660 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:12:32.0442 6660 megasas - ok
16:12:32.0442 6660 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:12:32.0442 6660 MegaSR - ok
16:12:32.0442 6660 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:12:32.0442 6660 MEIx64 - ok
16:12:32.0458 6660 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:12:32.0458 6660 Microsoft Office Groove Audit Service - ok
16:12:32.0458 6660 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:12:32.0458 6660 MMCSS - ok
16:12:32.0458 6660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:12:32.0458 6660 Modem - ok
16:12:32.0458 6660 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:12:32.0473 6660 monitor - ok
16:12:32.0473 6660 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:12:32.0473 6660 mouclass - ok
16:12:32.0473 6660 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:12:32.0473 6660 mouhid - ok
16:12:32.0473 6660 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:12:32.0473 6660 mountmgr - ok
16:12:32.0489 6660 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:12:32.0489 6660 MozillaMaintenance - ok
16:12:32.0489 6660 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:12:32.0489 6660 mpio - ok
16:12:32.0489 6660 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:12:32.0489 6660 mpsdrv - ok
16:12:32.0504 6660 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:12:32.0504 6660 MpsSvc - ok
16:12:32.0504 6660 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:12:32.0504 6660 MRxDAV - ok
16:12:32.0520 6660 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:12:32.0520 6660 mrxsmb - ok
16:12:32.0520 6660 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:12:32.0520 6660 mrxsmb10 - ok
16:12:32.0536 6660 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:12:32.0536 6660 mrxsmb20 - ok
16:12:32.0536 6660 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:12:32.0536 6660 msahci - ok
16:12:32.0536 6660 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:12:32.0536 6660 msdsm - ok
16:12:32.0536 6660 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:12:32.0551 6660 MSDTC - ok
16:12:32.0551 6660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:12:32.0551 6660 Msfs - ok
16:12:32.0551 6660 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:12:32.0551 6660 mshidkmdf - ok
16:12:32.0567 6660 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:12:32.0567 6660 msisadrv - ok
16:12:32.0567 6660 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:12:32.0567 6660 MSiSCSI - ok
16:12:32.0567 6660 msiserver - ok
16:12:32.0567 6660 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:12:32.0567 6660 MSKSSRV - ok
16:12:32.0582 6660 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:12:32.0582 6660 MSPCLOCK - ok
16:12:32.0582 6660 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:12:32.0582 6660 MSPQM - ok
16:12:32.0582 6660 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:12:32.0582 6660 MsRPC - ok
16:12:32.0598 6660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:12:32.0598 6660 mssmbios - ok
16:12:32.0598 6660 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:12:32.0598 6660 MSTEE - ok
16:12:32.0598 6660 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:12:32.0598 6660 MTConfig - ok
16:12:32.0614 6660 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:12:32.0614 6660 Mup - ok
16:12:32.0614 6660 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:12:32.0614 6660 MyWiFiDHCPDNS - ok
16:12:32.0614 6660 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:12:32.0629 6660 napagent - ok
16:12:32.0629 6660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:12:32.0629 6660 NativeWifiP - ok
16:12:32.0645 6660 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:12:32.0645 6660 NDIS - ok
16:12:32.0645 6660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:12:32.0645 6660 NdisCap - ok
16:12:32.0645 6660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:12:32.0660 6660 NdisTapi - ok
16:12:32.0660 6660 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:12:32.0660 6660 Ndisuio - ok
16:12:32.0660 6660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:12:32.0660 6660 NdisWan - ok
16:12:32.0660 6660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:12:32.0676 6660 NDProxy - ok
16:12:32.0676 6660 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:12:32.0676 6660 NetBIOS - ok
16:12:32.0676 6660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:12:32.0676 6660 NetBT - ok
16:12:32.0676 6660 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:12:32.0692 6660 Netlogon - ok
16:12:32.0692 6660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:12:32.0692 6660 Netman - ok
16:12:32.0707 6660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:12:32.0707 6660 netprofm - ok
16:12:32.0707 6660 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:12:32.0707 6660 NetTcpPortSharing - ok
16:12:32.0785 6660 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
16:12:32.0832 6660 NETwNs64 - ok
16:12:32.0832 6660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:12:32.0832 6660 nfrd960 - ok
16:12:32.0832 6660 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
16:12:32.0832 6660 NitroDriverReadSpool2 - ok
16:12:32.0848 6660 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:12:32.0848 6660 NlaSvc - ok
16:12:32.0848 6660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:12:32.0848 6660 Npfs - ok
16:12:32.0848 6660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:12:32.0848 6660 nsi - ok
16:12:32.0863 6660 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:12:32.0863 6660 nsiproxy - ok
16:12:32.0879 6660 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:12:32.0879 6660 Ntfs - ok
16:12:32.0879 6660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:12:32.0879 6660 Null - ok
16:12:32.0894 6660 [ 65E6BB06A644533118BE007E9601B2C2 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
16:12:32.0894 6660 nvkflt - ok
16:12:32.0972 6660 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:12:33.0019 6660 nvlddmkm - ok
16:12:33.0035 6660 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:12:33.0035 6660 nvpciflt - ok
16:12:33.0035 6660 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:12:33.0035 6660 nvraid - ok
16:12:33.0050 6660 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:12:33.0050 6660 nvstor - ok
16:12:33.0050 6660 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
16:12:33.0066 6660 nvsvc - ok
16:12:33.0066 6660 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:12:33.0082 6660 nvUpdatusService - ok
16:12:33.0082 6660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:12:33.0082 6660 nv_agp - ok
16:12:33.0082 6660 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:12:33.0082 6660 odserv - ok
16:12:33.0097 6660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:12:33.0097 6660 ohci1394 - ok
16:12:33.0097 6660 [ 2B8E4C792BED0E5882702720BC528AE5 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:12:33.0097 6660 ose - ok
16:12:33.0128 6660 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:12:33.0160 6660 osppsvc - ok
16:12:33.0160 6660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:12:33.0160 6660 p2pimsvc - ok
16:12:33.0175 6660 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:12:33.0175 6660 p2psvc - ok
16:12:33.0175 6660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:12:33.0175 6660 Parport - ok
16:12:33.0175 6660 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:12:33.0175 6660 partmgr - ok
16:12:33.0191 6660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:12:33.0191 6660 PcaSvc - ok
16:12:33.0191 6660 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:12:33.0191 6660 pci - ok
16:12:33.0191 6660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:12:33.0191 6660 pciide - ok
16:12:33.0206 6660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:12:33.0206 6660 pcmcia - ok
16:12:33.0206 6660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:12:33.0206 6660 pcw - ok
16:12:33.0222 6660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:12:33.0222 6660 PEAUTH - ok
16:12:33.0238 6660 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:12:33.0238 6660 PeerDistSvc - ok
16:12:33.0253 6660 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:12:33.0253 6660 PerfHost - ok
16:12:33.0253 6660 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
16:12:33.0253 6660 PHCORE - ok
16:12:33.0269 6660 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:12:33.0269 6660 pla - ok
16:12:33.0284 6660 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:12:33.0284 6660 PlugPlay - ok
16:12:33.0284 6660 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:12:33.0284 6660 PNRPAutoReg - ok
16:12:33.0300 6660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:12:33.0300 6660 PNRPsvc - ok
16:12:33.0300 6660 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:12:33.0300 6660 PolicyAgent - ok
16:12:33.0316 6660 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
16:12:33.0316 6660 Power - ok
16:12:33.0331 6660 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
16:12:33.0331 6660 Power Manager DBC Service - ok
16:12:33.0347 6660 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:12:33.0347 6660 PptpMiniport - ok
16:12:33.0347 6660 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:12:33.0347 6660 Processor - ok
16:12:33.0347 6660 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:12:33.0347 6660 ProfSvc - ok
16:12:33.0347 6660 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:12:33.0362 6660 ProtectedStorage - ok
16:12:33.0362 6660 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
16:12:33.0362 6660 psadd - ok
16:12:33.0362 6660 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:12:33.0362 6660 Psched - ok
16:12:33.0362 6660 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:12:33.0362 6660 PSI_SVC_2 - ok
16:12:33.0378 6660 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
16:12:33.0394 6660 PwmEWSvc - ok
16:12:33.0409 6660 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:12:33.0409 6660 ql2300 - ok
16:12:33.0409 6660 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:12:33.0409 6660 ql40xx - ok
16:12:33.0425 6660 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:12:33.0425 6660 QWAVE - ok
16:12:33.0425 6660 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:12:33.0425 6660 QWAVEdrv - ok
16:12:33.0425 6660 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:12:33.0425 6660 RasAcd - ok
16:12:33.0425 6660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:12:33.0440 6660 RasAgileVpn - ok
16:12:33.0440 6660 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:12:33.0440 6660 RasAuto - ok
16:12:33.0440 6660 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:12:33.0440 6660 Rasl2tp - ok
16:12:33.0456 6660 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:12:33.0456 6660 RasMan - ok
16:12:33.0456 6660 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:12:33.0456 6660 RasPppoe - ok
16:12:33.0456 6660 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:12:33.0456 6660 RasSstp - ok
16:12:33.0472 6660 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:12:33.0472 6660 rdbss - ok
16:12:33.0472 6660 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:12:33.0472 6660 rdpbus - ok
16:12:33.0472 6660 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:12:33.0472 6660 RDPCDD - ok
16:12:33.0487 6660 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:12:33.0487 6660 RDPDR - ok
16:12:33.0487 6660 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:12:33.0487 6660 RDPENCDD - ok
16:12:33.0487 6660 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:12:33.0487 6660 RDPREFMP - ok
16:12:33.0503 6660 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:12:33.0503 6660 RdpVideoMiniport - ok
16:12:33.0503 6660 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:12:33.0503 6660 RDPWD - ok
16:12:33.0503 6660 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:12:33.0503 6660 rdyboost - ok
16:12:33.0518 6660 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:12:33.0518 6660 RegSrvc - ok
16:12:33.0518 6660 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:12:33.0518 6660 RemoteAccess - ok
16:12:33.0518 6660 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:12:33.0518 6660 RemoteRegistry - ok
16:12:33.0534 6660 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:12:33.0534 6660 RFCOMM - ok
16:12:33.0534 6660 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
16:12:33.0534 6660 risdxc - ok
16:12:33.0534 6660 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:12:33.0534 6660 RpcEptMapper - ok
16:12:33.0550 6660 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:12:33.0550 6660 RpcLocator - ok
16:12:33.0550 6660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:12:33.0550 6660 RpcSs - ok
16:12:33.0565 6660 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:12:33.0565 6660 rspndr - ok
16:12:33.0565 6660 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:12:33.0565 6660 s3cap - ok
16:12:33.0565 6660 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:12:33.0565 6660 SamSs - ok
16:12:33.0565 6660 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:12:33.0565 6660 sbp2port - ok
16:12:33.0581 6660 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:12:33.0581 6660 SCardSvr - ok
16:12:33.0581 6660 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:12:33.0581 6660 scfilter - ok
16:12:33.0596 6660 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:12:33.0596 6660 Schedule - ok
16:12:33.0596 6660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:12:33.0596 6660 SCPolicySvc - ok
16:12:33.0612 6660 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:12:33.0612 6660 SDRSVC - ok
16:12:33.0612 6660 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:12:33.0612 6660 secdrv - ok
16:12:33.0612 6660 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:12:33.0612 6660 seclogon - ok
16:12:33.0628 6660 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:12:33.0628 6660 SENS - ok
16:12:33.0628 6660 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:12:33.0628 6660 SensrSvc - ok
16:12:33.0628 6660 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:12:33.0628 6660 Serenum - ok
16:12:33.0628 6660 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:12:33.0628 6660 Serial - ok
16:12:33.0643 6660 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:12:33.0643 6660 sermouse - ok
16:12:33.0643 6660 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:12:33.0643 6660 SessionEnv - ok
16:12:33.0659 6660 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:12:33.0659 6660 sffdisk - ok
16:12:33.0659 6660 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:12:33.0659 6660 sffp_mmc - ok
16:12:33.0659 6660 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:12:33.0659 6660 sffp_sd - ok
16:12:33.0659 6660 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:12:33.0659 6660 sfloppy - ok
16:12:33.0674 6660 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:12:33.0674 6660 SharedAccess - ok
16:12:33.0674 6660 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:12:33.0674 6660 ShellHWDetection - ok
16:12:33.0690 6660 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
16:12:33.0690 6660 Shockprf - ok
16:12:33.0690 6660 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:12:33.0690 6660 SiSRaid2 - ok
16:12:33.0690 6660 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:12:33.0690 6660 SiSRaid4 - ok
16:12:33.0706 6660 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:12:33.0706 6660 SkypeUpdate - ok
16:12:33.0706 6660 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:12:33.0706 6660 Smb - ok
16:12:33.0706 6660 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
16:12:33.0706 6660 smihlp - ok
16:12:33.0721 6660 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:12:33.0721 6660 SNMPTRAP - ok
16:12:33.0721 6660 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:12:33.0721 6660 spldr - ok
16:12:33.0721 6660 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:12:33.0737 6660 Spooler - ok
16:12:33.0752 6660 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:12:33.0768 6660 sppsvc - ok
16:12:33.0784 6660 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:12:33.0784 6660 sppuinotify - ok
16:12:33.0784 6660 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:12:33.0784 6660 srv - ok
16:12:33.0799 6660 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:12:33.0799 6660 srv2 - ok
16:12:33.0799 6660 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:12:33.0799 6660 srvnet - ok
16:12:33.0799 6660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:12:33.0815 6660 SSDPSRV - ok
16:12:33.0815 6660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:12:33.0815 6660 SstpSvc - ok
16:12:33.0815 6660 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:12:33.0815 6660 Stereo Service - ok
16:12:33.0830 6660 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:12:33.0830 6660 stexstor - ok
16:12:33.0830 6660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:12:33.0830 6660 stisvc - ok
16:12:33.0846 6660 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:12:33.0846 6660 storflt - ok
16:12:33.0846 6660 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
16:12:33.0846 6660 StorSvc - ok
16:12:33.0846 6660 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:12:33.0846 6660 storvsc - ok
16:12:33.0846 6660 [ 5D8B9129DA2EB060BC9346FD9724632E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
16:12:33.0862 6660 SUService - ok
16:12:33.0862 6660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:12:33.0862 6660 swenum - ok
16:12:33.0862 6660 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:12:33.0862 6660 swprv - ok
16:12:33.0877 6660 [ 883D2880144FD3ED9F1C04B5B5B9B562 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:12:33.0877 6660 SynTP - ok
16:12:33.0893 6660 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:12:33.0893 6660 SysMain - ok
16:12:33.0908 6660 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:12:33.0908 6660 TabletInputService - ok
16:12:33.0908 6660 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:12:33.0908 6660 TapiSrv - ok
16:12:33.0908 6660 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:12:33.0924 6660 TBS - ok
16:12:33.0924 6660 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:12:33.0940 6660 Tcpip - ok
16:12:33.0955 6660 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:12:33.0971 6660 TCPIP6 - ok
16:12:33.0971 6660 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:12:33.0971 6660 tcpipreg - ok
16:12:33.0971 6660 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:12:33.0971 6660 TDPIPE - ok
16:12:33.0986 6660 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:12:33.0986 6660 TDTCP - ok
16:12:33.0986 6660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:12:33.0986 6660 tdx - ok
16:12:33.0986 6660 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:12:33.0986 6660 TermDD - ok
16:12:34.0002 6660 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:12:34.0002 6660 TermService - ok
16:12:34.0002 6660 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:12:34.0002 6660 Themes - ok
16:12:34.0018 6660 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:12:34.0018 6660 THREADORDER - ok
16:12:34.0018 6660 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
16:12:34.0018 6660 TPDIGIMN - ok
16:12:34.0018 6660 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
16:12:34.0018 6660 TPHDEXLGSVC - ok
16:12:34.0033 6660 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
16:12:34.0033 6660 TPHKLOAD - ok
16:12:34.0033 6660 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
16:12:34.0033 6660 TPHKSVC - ok
16:12:34.0033 6660 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
16:12:34.0033 6660 TPM - ok
16:12:34.0033 6660 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
16:12:34.0033 6660 TPPWRIF - ok
16:12:34.0049 6660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:12:34.0049 6660 TrkWks - ok
16:12:34.0049 6660 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:12:34.0049 6660 TrustedInstaller - ok
16:12:34.0064 6660 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:12:34.0064 6660 tssecsrv - ok
16:12:34.0064 6660 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:12:34.0064 6660 TsUsbFlt - ok
16:12:34.0064 6660 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:12:34.0064 6660 TsUsbGD - ok
16:12:34.0064 6660 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:12:34.0064 6660 tunnel - ok
16:12:34.0080 6660 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
16:12:34.0080 6660 TVTI2C - ok
16:12:34.0080 6660 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
16:12:34.0080 6660 tvtvcamd - ok
16:12:34.0080 6660 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:12:34.0080 6660 uagp35 - ok
16:12:34.0096 6660 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:12:34.0096 6660 udfs - ok
16:12:34.0096 6660 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:12:34.0096 6660 UI0Detect - ok
16:12:34.0111 6660 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
16:12:34.0111 6660 UleadBurningHelper - ok
16:12:34.0111 6660 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:12:34.0111 6660 uliagpkx - ok
16:12:34.0111 6660 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:12:34.0111 6660 umbus - ok
16:12:34.0111 6660 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:12:34.0111 6660 UmPass - ok
16:12:34.0127 6660 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
16:12:34.0127 6660 UmRdpService - ok
16:12:34.0127 6660 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:12:34.0127 6660 UNS - ok
16:12:34.0142 6660 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:12:34.0142 6660 upnphost - ok
16:12:34.0142 6660 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:12:34.0142 6660 usbccgp - ok
16:12:34.0142 6660 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:12:34.0142 6660 usbcir - ok
16:12:34.0158 6660 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:12:34.0158 6660 usbehci - ok
16:12:34.0158 6660 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:12:34.0158 6660 usbhub - ok
16:12:34.0158 6660 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:12:34.0158 6660 usbohci - ok
16:12:34.0174 6660 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:12:34.0174 6660 usbprint - ok
16:12:34.0174 6660 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:12:34.0174 6660 usbscan - ok
16:12:34.0174 6660 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:12:34.0174 6660 USBSTOR - ok
16:12:34.0174 6660 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:12:34.0174 6660 usbuhci - ok
16:12:34.0189 6660 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:12:34.0189 6660 usbvideo - ok
16:12:34.0189 6660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:12:34.0189 6660 UxSms - ok
16:12:34.0189 6660 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:12:34.0189 6660 VaultSvc - ok
16:12:34.0205 6660 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:12:34.0205 6660 vdrvroot - ok
16:12:34.0205 6660 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:12:34.0205 6660 vds - ok
16:12:34.0220 6660 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:12:34.0220 6660 vga - ok
16:12:34.0220 6660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:12:34.0220 6660 VgaSave - ok
16:12:34.0220 6660 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:12:34.0220 6660 vhdmp - ok
16:12:34.0220 6660 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:12:34.0220 6660 viaide - ok
16:12:34.0236 6660 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
16:12:34.0236 6660 VIPAppService - ok
16:12:34.0236 6660 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:12:34.0236 6660 vmbus - ok
16:12:34.0236 6660 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:12:34.0236 6660 VMBusHID - ok
16:12:34.0252 6660 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:12:34.0252 6660 volmgr - ok
16:12:34.0252 6660 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:12:34.0252 6660 volmgrx - ok
16:12:34.0252 6660 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:12:34.0267 6660 volsnap - ok
16:12:34.0267 6660 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:12:34.0267 6660 vsmraid - ok
16:12:34.0283 6660 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:12:34.0283 6660 VSS - ok
16:12:34.0283 6660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:12:34.0283 6660 vwifibus - ok
16:12:34.0298 6660 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:12:34.0298 6660 vwififlt - ok
16:12:34.0298 6660 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:12:34.0298 6660 vwifimp - ok
16:12:34.0298 6660 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:12:34.0298 6660 W32Time - ok
16:12:34.0314 6660 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:12:34.0314 6660 WacomPen - ok
16:12:34.0314 6660 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:12:34.0314 6660 WANARP - ok
16:12:34.0314 6660 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:12:34.0314 6660 Wanarpv6 - ok
16:12:34.0330 6660 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:12:34.0345 6660 wbengine - ok
16:12:34.0345 6660 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:12:34.0345 6660 WbioSrvc - ok
16:12:34.0361 6660 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:12:34.0361 6660 wcncsvc - ok
16:12:34.0361 6660 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:12:34.0361 6660 WcsPlugInService - ok
16:12:34.0361 6660 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:12:34.0361 6660 Wd - ok
16:12:34.0376 6660 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:12:34.0376 6660 Wdf01000 - ok
16:12:34.0376 6660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:12:34.0392 6660 WdiServiceHost - ok
16:12:34.0392 6660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:12:34.0392 6660 WdiSystemHost - ok
16:12:34.0392 6660 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:12:34.0392 6660 WebClient - ok
16:12:34.0408 6660 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:12:34.0408 6660 Wecsvc - ok
16:12:34.0408 6660 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:12:34.0408 6660 wercplsupport - ok
16:12:34.0408 6660 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:12:34.0408 6660 WerSvc - ok
16:12:34.0423 6660 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:12:34.0423 6660 WfpLwf - ok
16:12:34.0423 6660 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:12:34.0423 6660 WIMMount - ok
16:12:34.0423 6660 WinDefend - ok
16:12:34.0439 6660 WinHttpAutoProxySvc - ok
16:12:34.0439 6660 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:12:34.0439 6660 Winmgmt - ok
16:12:34.0454 6660 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:12:34.0470 6660 WinRM - ok
16:12:34.0470 6660 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
16:12:34.0470 6660 WinUsb - ok
16:12:34.0486 6660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:12:34.0486 6660 Wlansvc - ok
16:12:34.0486 6660 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:12:34.0486 6660 wlcrasvc - ok
16:12:34.0501 6660 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:12:34.0517 6660 wlidsvc - ok
16:12:34.0517 6660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:12:34.0517 6660 WmiAcpi - ok
16:12:34.0532 6660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:12:34.0532 6660 wmiApSrv - ok
16:12:34.0532 6660 WMPNetworkSvc - ok
16:12:34.0532 6660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:12:34.0532 6660 WPCSvc - ok
16:12:34.0548 6660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:12:34.0548 6660 WPDBusEnum - ok
16:12:34.0548 6660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:12:34.0548 6660 ws2ifsl - ok
16:12:34.0548 6660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:12:34.0548 6660 wscsvc - ok
16:12:34.0564 6660 WSearch - ok
16:12:34.0579 6660 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:12:34.0595 6660 wuauserv - ok
16:12:34.0595 6660 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:12:34.0595 6660 WudfPf - ok
16:12:34.0595 6660 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:12:34.0595 6660 WUDFRd - ok
16:12:34.0610 6660 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:12:34.0610 6660 wudfsvc - ok
16:12:34.0610 6660 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:12:34.0610 6660 WwanSvc - ok
16:12:34.0642 6660 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:12:34.0642 6660 ZeroConfigService - ok
16:12:34.0657 6660 ================ Scan global ===============================
16:12:34.0657 6660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:12:34.0657 6660 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:12:34.0673 6660 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:12:34.0673 6660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:12:34.0673 6660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:12:34.0673 6660 [Global] - ok
16:12:34.0673 6660 ================ Scan MBR ==================================
16:12:34.0673 6660 [ C325549D07816418609926B52AB3DE9C ] \Device\Harddisk0\DR0
16:12:34.0720 6660 \Device\Harddisk0\DR0 - ok
16:12:34.0720 6660 ================ Scan VBR ==================================
16:12:34.0720 6660 [ 0D68217E0CBDCC8805330F6D84618CC7 ] \Device\Harddisk0\DR0\Partition1
16:12:34.0720 6660 \Device\Harddisk0\DR0\Partition1 - ok
16:12:34.0720 6660 [ 396714E6EF2A4F3B63FB7A386838581C ] \Device\Harddisk0\DR0\Partition2
16:12:34.0720 6660 \Device\Harddisk0\DR0\Partition2 - ok
16:12:34.0720 6660 [ 0A6C061F61DF224F4DEF20B3BABAE1AA ] \Device\Harddisk0\DR0\Partition3
16:12:34.0720 6660 \Device\Harddisk0\DR0\Partition3 - ok
16:12:34.0720 6660 ============================================================
16:12:34.0720 6660 Scan finished
16:12:34.0720 6660 ============================================================
16:12:34.0735 1356 Detected object count: 0
16:12:34.0735 1356 Actual detected object count: 0
16:12:58.0978 6968 Deinitialize success
|
|
08.03.2013, 17:07
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach StartZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.03.2013, 19:31
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Ich vermisse das Log von aswMBR
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.03.2013, 19:58
| #6 |
| | Windows 7 Taskleiste friert ein nach Start Hm, ich dachte, wenn das aswMBR abstürzt gibts kein Log? Wenn ich neustarte und speichere kommt sowas bei raus: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-08 19:50:45
-----------------------------
19:50:45.653 OS Version: Windows x64 6.1.7601 Service Pack 1
19:50:45.653 Number of processors: 4 586 0x3A09
19:50:45.653 ComputerName: KARL-PC UserName: Karl
19:50:45.887 Initialize success
19:50:49.631 The log file has been saved successfully to "C:\Users\Karl\Downloads\Desktop\aswMBR.txt"
|
|
08.03.2013, 20:33
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start bitte aswmbr nochmal ausführen, anleitung genau umsetzen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.03.2013, 16:02
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Was diese Schlösser bei den Ordnersymbolen bedeutet und was die hiberfil ist hättest du selbst leicht über eine Suchmaschine rausfinden können - diese Verzeichnisse werden normalerweise ausgeblendet und wenn ein Schloss zu sehen ist hat der gerade angemeldete Benutzer für diese Ordner eingeschränkten oder keinen Zugriff. hiberfil ist das hibernation file siehe Ruhezustand Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.03.2013, 21:49
| #9 |
| | Windows 7 Taskleiste friert ein nach Start Hallo, Ich hoffe, ich habe diesmal alles richtig gemacht. Nach dem Neustart habe ich das Log-file auf C gefunden: Code:
ATTFilter ComboFix 13-03-10.02 - kard2g 10.03.2013 20:22:51.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7915.5343 [GMT 1:00]
ausgeführt von:: C:\Users\kard2g\Downloads\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
---- Vorheriger Suchlauf -------
C:\ProgramData\Roaming
Q:\Autorun.inf
((((((((((((((((((((((( Dateien erstellt von 2013-02-10 bis 2013-03-10 ))))))))))))))))))))))))))))))
2013-03-10 19:47:12 . 2013-03-10 19:47:12 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2013-03-10 19:47:11 . 2013-03-10 19:47:11 -------- d-----w- C:\Users\kard2g\AppData\Local\temp
2013-03-10 19:47:11 . 2013-03-10 19:47:11 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-03-08 11:44:22 . 2013-02-08 00:28:29 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{90F61D01-8542-4956-93EB-EC5E1D792204}\mpengine.dll
2013-03-06 22:43:51 . 2013-03-06 22:43:51 -------- d-----w- C:\Users\kard2g\AppData\Roaming\Malwarebytes
2013-03-06 22:43:44 . 2013-03-06 22:43:44 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-06 22:43:43 . 2013-03-06 22:43:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-06 22:43:43 . 2012-12-14 15:49:28 24176 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-03-06 22:20:09 . 2013-03-06 22:22:04 -------- d-----w- C:\Users\kard2g\AppData\Local\ElevatedDiagnostics
2013-03-06 22:20:00 . 2013-03-06 22:20:00 -------- d-----w- C:\Users\kard2g\AppData\Local\Diagnostics
2013-02-25 10:08:19 . 2013-02-25 10:08:19 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2013-02-25 10:08:17 . 2013-02-25 10:08:14 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-25 10:08:17 . 2013-02-25 10:08:14 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-25 10:07:21 . 2013-02-25 10:07:21 -------- d-----w- C:\Users\kard2g\AppData\Local\Programs
2013-02-24 23:31:00 . 2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-02-24 23:31:00 . 2013-01-13 19:24:30 221184 ----a-w- C:\Windows\system32\UIAnimation.dll
2013-02-24 23:31:00 . 2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-02-24 23:31:00 . 2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\system32\msmpeg2vdec.dll
2013-02-19 22:12:53 . 2013-02-19 22:12:56 -------- d--h--w- C:\Windows\AxInstSV
2013-02-13 17:24:20 . 2008-05-07 18:59:34 99840 ----a-w- C:\Windows\system32\Spool\prtprocs\x64\HPZPPLHN.DLL
2013-02-13 07:33:34 . 2013-01-09 01:10:05 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 07:33:34 . 2013-01-08 22:01:00 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 07:30:30 . 2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\system32\ntoskrnl.exe
2013-02-13 07:30:30 . 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 07:30:30 . 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 07:30:22 . 2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\system32\win32k.sys
2013-02-13 07:30:20 . 2013-01-04 05:46:09 215040 ----a-w- C:\Windows\system32\winsrv.dll
2013-02-13 07:30:20 . 2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 07:30:20 . 2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 07:30:20 . 2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 07:30:20 . 2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 07:30:20 . 2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 07:30:18 . 2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 07:30:18 . 2013-01-03 06:00:42 288088 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-11 09:29:05 . 2013-02-11 09:29:05 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2013-02-11 09:29:04 . 2013-02-11 09:29:05 -------- d-----r- C:\Program Files (x86)\Skype
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-02-24 22:00:37 . 2012-12-27 20:53:24 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-24 22:00:37 . 2012-12-27 20:53:24 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-13 07:34:53 . 2012-12-29 11:06:40 70004024 ----a-w- C:\Windows\system32\MRT.exe
2013-01-17 00:28:58 . 2010-11-21 03:27:21 273840 ------w- C:\Windows\system32\MpSigStub.exe
2013-01-04 04:43:21 . 2013-02-13 07:30:20 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-27 19:50:39 . 2011-03-28 16:36:46 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-16 17:11:22 . 2012-12-28 11:37:03 46080 ----a-w- C:\Windows\system32\atmlib.dll
2012-12-16 14:45:03 . 2012-12-28 11:37:03 367616 ----a-w- C:\Windows\system32\atmfd.dll
2012-12-16 14:13:28 . 2012-12-28 11:37:03 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 . 2012-12-28 11:37:03 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-11 05:22:08 . 2012-12-11 05:22:08 72048 ----a-w- C:\Windows\system32\ibmpmctl.exe
2012-12-11 05:22:08 . 2012-12-11 05:22:08 60272 ----a-w- C:\Windows\system32\ibmpmsvc.exe
2012-12-11 05:22:08 . 2012-12-11 05:22:08 42824 ----a-w- C:\Windows\system32\drivers\ibmpmdrv.sys
2012-12-11 05:22:08 . 2012-12-11 05:22:08 39792 ----a-w- C:\Windows\system32\tpinspm.dll
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
|
|
10.03.2013, 22:11
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Log ist leider unvollständig
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.03.2013, 23:03
| #11 |
| | Windows 7 Taskleiste friert ein nach Start hm. Habs nochmal laufen lassen, hier das Ergebnis: Code:
ATTFilter ComboFix 13-03-10.02 - kard2g 10.03.2013 22:19:33.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.7915.5160 [GMT 1:00]
ausgeführt von:: c:\users\kard2g\Downloads\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-10 bis 2013-03-10 ))))))))))))))))))))))))))))))
.
.
2013-03-10 21:59 . 2013-03-10 21:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-10 21:59 . 2013-03-10 21:59 -------- d-----w- c:\users\kard2g\AppData\Local\temp
2013-03-10 21:59 . 2013-03-10 21:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-08 11:44 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90F61D01-8542-4956-93EB-EC5E1D792204}\mpengine.dll
2013-03-06 22:43 . 2013-03-06 22:43 -------- d-----w- c:\users\kard2g\AppData\Roaming\Malwarebytes
2013-03-06 22:43 . 2013-03-06 22:43 -------- d-----w- c:\programdata\Malwarebytes
2013-03-06 22:43 . 2013-03-06 22:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-06 22:43 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-06 22:20 . 2013-03-06 22:22 -------- d-----w- c:\users\kard2g\AppData\Local\ElevatedDiagnostics
2013-03-06 22:20 . 2013-03-06 22:20 -------- d-----w- c:\users\kard2g\AppData\Local\Diagnostics
2013-02-25 10:08 . 2013-02-25 10:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-02-25 10:08 . 2013-02-25 10:08 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-02-25 10:08 . 2013-02-25 10:08 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-25 10:07 . 2013-02-25 10:07 -------- d-----w- c:\users\kard2g\AppData\Local\Programs
2013-02-24 23:31 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-02-24 23:31 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-24 23:31 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-24 23:31 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-02-19 22:12 . 2013-02-19 22:12 -------- d--h--w- c:\windows\AxInstSV
2013-02-13 17:24 . 2008-05-07 18:59 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPLHN.DLL
2013-02-13 07:33 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 07:33 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 07:30 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 07:30 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 07:30 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 07:30 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 07:30 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 07:30 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 07:30 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 07:30 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 07:30 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 07:30 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 07:30 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 07:30 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-11 09:29 . 2013-02-11 09:29 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-02-11 09:29 . 2013-02-11 09:29 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-24 22:00 . 2012-12-27 20:53 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-24 22:00 . 2012-12-27 20:53 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-13 07:34 . 2012-12-29 11:06 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 07:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-27 19:50 . 2011-03-28 16:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-16 17:11 . 2012-12-28 11:37 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-28 11:37 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-28 11:37 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-28 11:37 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-11 05:22 . 2012-12-11 05:22 72048 ----a-w- c:\windows\system32\ibmpmctl.exe
2012-12-11 05:22 . 2012-12-11 05:22 60272 ----a-w- c:\windows\system32\ibmpmsvc.exe
2012-12-11 05:22 . 2012-12-11 05:22 42824 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys
2012-12-11 05:22 . 2012-12-11 05:22 39792 ----a-w- c:\windows\system32\tpinspm.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-04-19 291608]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-28 133400]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-06-01 506712]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-15 5941344]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-13 4351712]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-12 385248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkPad\Bluetooth Software\BtwProximityCP.dll c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-05-29 144992]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-04-19 35256]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-05-15 1665120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2012-05-15 29512]
S0 Fastboot;Fastboot;c:\windows\System32\DRIVERS\Fastboot.sys [2012-01-17 70416]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-04-19 19224]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-12-28 25416]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-10-08 284008]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [2012-03-26 33344]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-12 86752]
S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2012-01-17 169776]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2012-06-01 58224]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-06-01 61296]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [2012-06-01 179568]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-05-23 216072]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-12-29 144960]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-18 84080]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]
S3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys [2012-02-16 216064]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-04-01 163368]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-04-01 594472]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
S3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-05-15 320576]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-04-19 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-04-19 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-04-19 25528]
S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 118016]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-05-15 1662560]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2011-05-29 40248]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys [2011-12-07 27432]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 65400327
*NewlyCreated* - 77398584
*Deregistered* - 65400327
*Deregistered* - 77398584
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-07 08:02 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-27 22:00]
.
2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-20 09:31]
.
2013-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-20 09:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-02-01 10:56 2324576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-02-01 10:56 2324576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-02-01 10:56 2324576 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-13 12452968]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-09 1158248]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TpShocks"="TpShocks.exe" [2012-02-24 382528]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-03 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-03 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-03 441152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\kard2g\AppData\Roaming\Mozilla\Firefox\Profiles\kq8bs4j3.default\
FF - prefs.js: browser.startup.homepage - hxxps://dub002.mail.live.com/default.aspx?n=1555247403&fid=93615b1a2d7b4d53a7e1a6c0629270c7#n=1192869769&fid=1
FF - ExtSQL: 2013-02-25 11:08; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-10 23:00:39
ComboFix-quarantined-files.txt 2013-03-10 22:00
.
Vor Suchlauf: 14 Verzeichnis(se), 166.682.902.528 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 166.625.792.000 Bytes frei
.
- - End Of File - - E81B16C055A28745D110CDC019761CD0
|
|
11.03.2013, 09:38
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.03.2013, 10:09
| #13 |
| | Windows 7 Taskleiste friert ein nach Start Hallo, Hier das Junkware Log: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Professional x64
Ran by kard2g on 11.03.2013 at 9:45:02,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\partner"
~~~ FireFox
Emptied folder: C:\Users\kard2g\AppData\Roaming\mozilla\firefox\profiles\kq8bs4j3.default\minidumps [122 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.03.2013 at 9:55:04,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v2.114 - Datei am 11/03/2013 um 09:57:18 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : kard2g - kard2g-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\kard2g\Downloads\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v19.0.2 (de)
Datei : C:\Users\kard2g\AppData\Roaming\Mozilla\Firefox\Profiles\kq8bs4j3.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v25.0.1364.152
Datei : C:\Users\kard2g\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [880 octets] - [11/03/2013 09:57:18]
########## EOF - C:\AdwCleaner[S1].txt - [939 octets] ##########
Code:
ATTFilter OTL logfile created on: 11.03.2013 10:02:10 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kard2g\Downloads\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,73 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 71,08% Memory free
15,46 Gb Paging File | 13,09 Gb Available in Paging File | 84,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 225,43 Gb Total Space | 154,96 Gb Free Space | 68,74% Space Free | Partition Type: NTFS
Drive Q: | 11,97 Gb Total Space | 0,42 Gb Free Space | 3,54% Space Free | Partition Type: NTFS
Computer Name: kard2g-PC | User Name: kard2g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\kard2g\Downloads\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
PRC - C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo.)
SRV:64bit: - (TPHDEXLGSVC) -- C:\Windows\SysNative\TPHDEXLG64.exe (Lenovo.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SUService) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (LENOVO.TVTVCAM) -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited)
SRV - (LENOVO.TPKNRSVC) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)
SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV - (HyperW7Svc) -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe (Lenovo Group Limited)
SRV - (NitroDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Nitro PDF Software)
SRV - (PwmEWSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE (Lenovo Group Limited)
SRV - (Power Manager DBC Service) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo)
SRV - (DozeSvc) -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE (Lenovo.)
SRV - (VIPAppService) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Symantec Corporation)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (FastbootService) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Lenovo)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (Lenovo.VIRTSCRLSVC) -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo Group Limited)
SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV - (LENOVO.MICMUTE) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (DzHDD64) -- C:\Windows\SysNative\drivers\DZHDD64.SYS (Lenovo.)
DRV:64bit: - (TPPWRIF) -- C:\Windows\SysNative\drivers\TPPWR64V.SYS (Lenovo Group Limited)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (5U877) -- C:\Windows\SysNative\drivers\5U877.sys (Ricoh co.,Ltd.)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (Shockprf) -- C:\Windows\SysNative\drivers\ApsX64.sys (Lenovo.)
DRV:64bit: - (TPDIGIMN) -- C:\Windows\SysNative\drivers\ApsHM64.sys (Lenovo.)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tvtvcamd) -- C:\Windows\SysNative\drivers\tvtvcamd.sys (ThinkVantage Communications Utility)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (TVTI2C) -- C:\Windows\SysNative\drivers\tvti2c.sys (Lenovo Information Product(ShenZhen China) Inc.)
DRV:64bit: - (risdxc) -- C:\Windows\SysNative\drivers\risdxc64.sys (REDC)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (LenovoRd) -- C:\Windows\SysNative\drivers\LenovoRd.sys (Lenovo)
DRV - (PHCORE) -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys (Lenovo Group Limited)
DRV - (smihlp) -- C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys (Authentec Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE516
IE - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://dub002.mail.live.com/default.aspx?n=1555247403&fid=93615b1a2d7b4d53a7e1a6c0629270c7#n=1192869769&fid=1"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.09.20 10:37:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:46:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:46:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.12.27 20:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kard2g\AppData\Roaming\mozilla\Extensions
[2013.03.08 12:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 12:46:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.03.08 12:46:22 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR - Extension: Norton Identity Protection = C:\Users\kard2g\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\
O1 HOSTS File: ([2013.03.10 19:05:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3652158966-3723022097-2705349980-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C889D25-49BA-4A68-9B96-92759D32A44B}: DhcpNameServer = 172.168.111.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F17E90BC-D2C9-4BC8-93B5-4EFF9B7FA132}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.11 10:00:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kard2g\Downloads\Desktop\OTL(1).exe
[2013.03.11 09:45:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.03.11 09:44:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.11 09:43:59 | 000,547,791 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\kard2g\Downloads\Desktop\JRT.exe
[2013.03.11 08:47:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.10 23:00:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.10 23:00:40 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\temp
[2013.03.10 18:48:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.10 18:48:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.10 18:48:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.10 18:48:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.10 18:48:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.10 18:46:18 | 005,037,356 | R--- | C] (Swearware) -- C:\Users\kard2g\Downloads\Desktop\ComboFix.exe
[2013.03.08 16:11:40 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\kard2g\Downloads\Desktop\tdsskiller.exe
[2013.03.08 13:36:39 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.03.08 13:30:08 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\kard2g\Downloads\Desktop\aswMBR.exe
[2013.03.08 12:46:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.07 18:45:56 | 000,000,000 | ---D | C] -- C:\Users\kard2g\Downloads\Desktop\mbar
[2013.03.06 23:43:51 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Roaming\Malwarebytes
[2013.03.06 23:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.06 23:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.06 23:43:43 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.06 23:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.06 23:20:09 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\ElevatedDiagnostics
[2013.03.06 23:20:00 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\Diagnostics
[2013.03.06 23:03:46 | 000,000,000 | ---D | C] -- C:\Users\kard2g\Downloads\Desktop\Neuer Ordner
[2013.03.03 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\{85C5C93D-5D0D-4471-BCF1-0497919BF460}
[2013.03.03 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\{291E1D14-EABD-494B-8A65-90A3B533ABFC}
[2013.02.25 11:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.02.25 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.02.25 11:08:17 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.25 11:08:17 | 000,473,072 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.25 11:08:17 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013.02.25 11:08:17 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2013.02.25 11:08:17 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2013.02.25 11:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
[2013.02.25 11:07:21 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\Programs
[2013.02.25 00:31:00 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.25 00:31:00 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.25 00:31:00 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.25 00:31:00 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.25 00:30:58 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.25 00:30:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.25 00:30:57 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.25 00:30:57 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.25 00:30:57 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.25 00:30:57 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.25 00:30:57 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.25 00:30:57 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.25 00:30:57 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.25 00:30:57 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.25 00:30:57 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.25 00:30:57 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.25 00:30:57 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.25 00:30:57 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.25 00:30:57 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.25 00:30:57 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.25 00:30:57 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.25 00:30:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.25 00:30:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.25 00:30:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.25 00:30:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.25 00:30:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.25 00:30:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.25 00:30:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.25 00:30:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.25 00:30:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.25 00:30:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.25 00:30:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.25 00:30:56 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.25 00:30:56 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.19 23:12:53 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2013.02.13 08:32:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 08:32:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 08:32:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 08:32:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 08:32:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 08:32:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 08:32:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 08:32:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 08:32:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 08:32:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 08:32:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 08:32:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 08:32:35 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 08:32:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 08:32:35 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 08:30:30 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 08:30:30 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 08:30:30 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 08:30:20 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 08:30:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 08:30:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 08:30:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 08:30:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 08:30:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 08:30:18 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 10:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.11 10:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.11 10:29:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
========== Files - Modified Within 30 Days ==========
[2013.03.11 10:02:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.11 10:02:24 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.11 10:02:24 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.11 10:02:24 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.11 10:02:24 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.11 10:01:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.11 10:00:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kard2g\Downloads\Desktop\OTL(1).exe
[2013.03.11 10:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.11 09:58:59 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.11 09:58:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.11 09:58:04 | 1929,723,903 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.11 09:56:35 | 000,597,667 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\adwcleaner.exe
[2013.03.11 09:50:09 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.11 09:50:09 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.11 09:44:04 | 000,547,791 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\kard2g\Downloads\Desktop\JRT.exe
[2013.03.10 19:05:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.10 18:47:06 | 005,037,356 | R--- | M] (Swearware) -- C:\Users\kard2g\Downloads\Desktop\ComboFix.exe
[2013.03.09 18:04:08 | 000,007,598 | ---- | M] () -- C:\Users\kard2g\AppData\Local\Resmon.ResmonCfg
[2013.03.09 14:15:34 | 000,263,040 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\aswMBR_Absturz.PNG
[2013.03.08 16:23:31 | 000,122,240 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\Systemdateien_strange.PNG
[2013.03.08 16:20:35 | 000,014,003 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\SnippingTool.exe - Verknüpfung.lnk
[2013.03.08 16:11:44 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\kard2g\Downloads\Desktop\tdsskiller.exe
[2013.03.08 13:36:37 | 692,116,707 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.08 13:31:29 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\kard2g\Downloads\Desktop\aswMBR.exe
[2013.03.07 18:43:06 | 000,001,509 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\firefox.exe - Verknüpfung.lnk
[2013.03.07 09:12:04 | 000,000,000 | ---- | M] () -- C:\Users\kard2g\defogger_reenable
[2013.03.06 23:43:44 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.26 17:15:42 | 000,363,754 | ---- | M] () -- C:\Users\kard2g\Documents\Desalination plant.xmind
[2013.02.25 11:08:14 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.25 11:08:14 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.25 11:08:14 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013.02.25 11:08:14 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2013.02.25 11:08:14 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2013.02.24 23:00:37 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.24 23:00:37 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.13 18:08:55 | 000,464,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013.03.11 09:56:32 | 000,597,667 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\adwcleaner.exe
[2013.03.10 18:48:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.10 18:48:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.10 18:48:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.10 18:48:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.10 18:48:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.09 18:04:08 | 000,007,598 | ---- | C] () -- C:\Users\kard2g\AppData\Local\Resmon.ResmonCfg
[2013.03.09 14:15:34 | 000,263,040 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\aswMBR_Absturz.PNG
[2013.03.08 16:23:31 | 000,122,240 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\Systemdateien_strange.PNG
[2013.03.08 16:20:35 | 000,014,003 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\SnippingTool.exe - Verknüpfung.lnk
[2013.03.08 13:36:37 | 692,116,707 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.03.07 18:43:06 | 000,001,509 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\firefox.exe - Verknüpfung.lnk
[2013.03.07 09:12:04 | 000,000,000 | ---- | C] () -- C:\Users\kard2g\defogger_reenable
[2013.03.06 23:43:44 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.25 22:39:49 | 000,363,754 | ---- | C] () -- C:\Users\kard2g\Documents\Desalination plant.xmind
[2013.01.09 15:46:14 | 000,000,805 | ---- | C] () -- C:\Users\kard2g\AppData\Local\recently-used.xbel
[2012.12.27 19:34:25 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2012.09.20 10:20:34 | 000,756,084 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.09.20 10:20:33 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.09.03 12:52:50 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.09.03 12:52:40 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.09.03 12:52:32 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 11.03.2013 10:02:10 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kard2g\Downloads\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,73 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 71,08% Memory free
15,46 Gb Paging File | 13,09 Gb Available in Paging File | 84,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 225,43 Gb Total Space | 154,96 Gb Free Space | 68,74% Space Free | Partition Type: NTFS
Drive Q: | 11,97 Gb Total Space | 0,42 Gb Free Space | 3,54% Space Free | Partition Type: NTFS
Computer Name: kard2g-PC | User Name: kard2g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3652158966-3723022097-2705349980-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15320B06-6DB4-439B-9DBF-D6A9834DAE7E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1F3E4926-DD8B-42B1-8A52-919FAD1CE1F9}" = lport=138 | protocol=17 | dir=in | app=system |
"{2E3A5B77-12F4-4499-903D-EFD5191A8095}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{338C671A-85DA-4B40-93F9-39FB93A34ADC}" = rport=137 | protocol=17 | dir=out | app=system |
"{3F065942-E44F-4DDC-BB0A-A8F370ED9FB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{481875E5-CF9D-4063-A6EB-F679C2A05205}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B4F2DAC-BCA4-4059-A10E-4FC859E8EB74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C953D40-EEB0-4009-A93E-983FA4D1507C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D4F9ED6-EE14-44A6-B601-0DBBB70F845D}" = lport=139 | protocol=6 | dir=in | app=system |
"{657519FF-DDA1-452F-BA2F-E7ED1121B8C3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{673DCDC4-3724-43F0-BFA0-98EBF84FA85D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76C33453-9D42-4E08-A7AD-A91019B19592}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{77F06321-07AC-4226-88B2-07A698C003F6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7FF02ABC-F4DC-4A28-AD8E-75940A0C7841}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B9ED1FB-DFD0-4123-AA52-4A5E09B9B7D1}" = rport=139 | protocol=6 | dir=out | app=system |
"{8D9D326C-FA02-44FC-837A-8DDC49243198}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91490B35-9D67-4405-9B38-1697AB2A370C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{96DAEBC6-0EBF-46D3-B108-2351B321336A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB31F4FC-88DC-4A70-961F-B12B77EF23E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDCF3D60-A7E1-4683-83D7-52EDD6BBF19F}" = rport=445 | protocol=6 | dir=out | app=system |
"{D081980D-8273-4A3F-A6DC-A7C2B6E16DF0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E61BE5D0-0AF5-43F6-9424-A499BFA8C37A}" = rport=138 | protocol=17 | dir=out | app=system |
"{EB02E0D9-93D0-4AF5-AC54-B2B2D7D984ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{EF5FE835-2086-490F-9F2C-8A840D968191}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B91F46-B627-41BF-A916-8F8CC5CC833A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{0E71A867-506C-4113-9C47-3358F19C9876}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1257E659-B8F1-47AA-A951-DF08980F2AFD}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{168E3BEF-E04E-4466-8CD9-9EF2CB87E7BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1DBFA70D-2737-409F-9382-30D7C803CC48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1F835300-F167-4F24-9FBB-7EF7B05835B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20D8ABB4-B6CA-43A5-93E6-45461D1D5176}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D7DF4E3-F3A2-44BA-9342-A3D08E5BABAC}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{395E8847-52B9-4B35-929A-150182D1F110}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3FBACBFD-ABAB-4DED-A424-1C28BBD61C97}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{45D66AF2-4D11-4946-8DEE-3D28C2FE3ACC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4F91EE19-A2DC-49E9-9138-C4FB5A9E45C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{52531661-36DA-4622-9777-2A4AD50580BD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{573AEDC9-B362-41AA-A66B-086398FF94DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A175EC1-0033-414F-9D38-D2714D7C82A8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5C099F10-15C9-4536-B4B8-208D343E895C}" = protocol=6 | dir=out | app=system |
"{674D28AF-B974-4183-8173-47F67C829815}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C2F6765-15DE-451F-8A6D-6D4AF2D9643C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{704464AA-A1BC-45E1-BEE5-C64D2B289BB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94EC1AAB-AD75-48D8-B799-570BABF5DF38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9BE292D6-2BBC-4AFC-81DA-906DA72D313B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AF63D274-FE40-4F83-A5EA-6C0FE373A480}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{B680C102-13EB-4195-AC57-D9177516DC84}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B9EFF577-6DEB-4B1B-BF48-184CE307A951}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C25E6C29-E8EA-4B98-8A8C-0DAC3B0F6BF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C621C780-1E74-404C-A3B2-E77A0CBEC4F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8ACE2E3-6663-42B7-8145-A77D7E04A871}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{CC814505-179F-4A60-AA00-0658B231060E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DFB3AE70-5C29-4AF6-A1B5-342ADE49A0BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EC5CABC7-827E-4719-8DE5-22486D0D3D3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FDE5F24D-41A2-4633-92D5-F9F690131430}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0369F866-2CE0-4EB9-B426-88FA122C6E82}" = Lenovo Patch Utility 64 bit
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{36710189-55DF-4D75-8B6A-523CC61B7047}" = Nitro Pro 7
"{3849486C-FF09-4F5D-B491-3E179D58EE15}" = Message Center Plus
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{479016BF-5B8D-445F-BE15-A187F25D81C8}" = ThinkVantage Fingerprint Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot Shield
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{728985C5-A04B-457C-9D62-15360F3EAF85}" = Intel(R) WiDi
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2013
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DD00F699-6861-4DCF-A19F-8CF61E5E28ED}" = Lenovo Solution Center
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi-Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"09839A9B5EDA69DA2DCC34637B5140AAF8A53B44" = Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020)
"64B3C27E4CF7B6AD920184EFFF6C488C55EF2892" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0)
"97EE1802A0385A37DE6323FA39EC76BEB2D73E41" = Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011)
"9B84710FFAE6C50914FCE568B59E426F1386E7F6" = Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1)
"9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8" = Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011)
"D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35" = Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"E3535F123E7F666D573665142F90D3E5004DC326" = Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
"EC2A0F2B229770EC589265FCF2B4839A0C221993" = Windows-Treiberpaket - Intel (e1cexpress) Net (01/11/2012 11.15.16.0)
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"OnScreenDisplay" = Anzeige am Bildschirm
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5C39B297-EB2C-408C-8437-9F9EF31B6192}" = EBSILONProfessional 10.00
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0054-0407-0000-0000000FF1CE}" = Microsoft Visio MUI (German) 2013
"{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{91150000-0051-0000-0000-0000000FF1CE}" = Microsoft Visio Professional 2013
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.16
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"EBSILONProfessional Update 10.01.01_pfu1" = EBSILONProfessional Update 10.01.01
"EBSILONProfessional Update 10.03_pfu1" = EBSILONProfessional Update 10.03
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fastboot" = RapidBoot HDD Accelerator
"Google Chrome" = Google Chrome
"Inkscape" = Inkscape 0.48.4
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office15.VISPROR" = Microsoft Visio Professional 2013
"SugarSync" = SugarSync Manager
"SumatraPDF" = SumatraPDF
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass)
"WinLiveSuite" = Windows Live Essentials
"XMind_is1" = XMind 2012 (v3.3.1)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.03.2013 04:58:10 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10
Description =
[ Lenovo-Message Center Plus/Admin Events ]
Error - 09.03.2013 13:11:14 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 09.03.2013 13:11:14 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 09.03.2013 13:11:14 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 10.03.2013 17:46:18 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Ein an das System angeschlossenes Gerät funktioniert nicht
-> Exception message: Ein an das System angeschlossenes Gerät funktioniert nicht
Error - 10.03.2013 17:46:19 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angeforderte Name ist gültig, es wurden jedoch keine
Daten des angeforderten Typs gefunden -> Exception message: Der angeforderte Name
ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden
Error - 10.03.2013 17:46:20 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angeforderte Name ist gültig, es wurden jedoch keine
Daten des angeforderten Typs gefunden -> Exception message: Der angeforderte Name
ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden
Error - 10.03.2013 17:46:20 | Computer Name = kard2g-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angeforderte Name ist gültig, es wurden jedoch keine
Daten des angeforderten Typs gefunden -> Exception message: Der angeforderte Name
ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden
[ System Events ]
Error - 11.03.2013 04:58:18 | Computer Name = kard2g-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{F17E90BC-D2C9-4BC8-93B5-4EFF9B7FA132} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 11.03.2013 04:58:18 | Computer Name = kard2g-PC | Source = NetBT | ID = 4321
Description = Der Name "kard2g-PC :20" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.123 registriert werden. Der Computer mit IP-Adresse 192.168.2.130
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 11.03.2013 04:58:18 | Computer Name = kard2g-PC | Source = NetBT | ID = 4321
Description = Der Name "kard2g-PC :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.123 registriert werden. Der Computer mit IP-Adresse 192.168.2.130
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 11.03.2013 04:58:39 | Computer Name = kard2g-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst nvsvc erreicht.
Error - 11.03.2013 05:00:19 | Computer Name = kard2g-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 11.03.2013 05:00:19 | Computer Name = kard2g-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
< End of report >
|
|
11.03.2013, 10:50
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.03.2013, 11:56
| #15 |
| | Windows 7 Taskleiste friert ein nach Start Hallo, Malwarebytes hat nichts gefunden, eset anscheinend auch nicht. Meine Taskleiste ist aber immer noch festgefroren. Hier das Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.03.11.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 kard2g :: kard2g-PC [Administrator] Schutz: Aktiviert 11.03.2013 10:54:24 mbam-log-2013-03-11 (10-54-24).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 234173 Laufzeit: 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ff2db5c8caaef54e876cf034ffe4b5aa
# engine=13353
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-11 10:13:06
# local_time=2013-03-11 11:13:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 8736 228420076 1520 0
# compatibility_mode=5893 16776573 100 94 257324 114626636 0 0
# scanned=227710
# found=0
# cleaned=0
# scan_time=786
|
|
| Themen zu Windows 7 Taskleiste friert ein nach Start |
| adobe reader xi, antivir, autorun, avira, bho, desktop, dringend, error, fehler, festplatte, firefox, flash player, install.exe, internet, lenovo, logfile, maximal, mozilla, nvidia update, nvpciflt.sys, office 2007, plug-in, popup, prozess, pwmtr64v.dll, realtek, registry, security, senden, svchost.exe, symantec, usb, windows |
Hybrid-Darstellung
