Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Dateien mit Virus corrupted.exe infiziert (https://www.trojaner-board.de/131310-dateien-virus-corrupted-exe-infiziert.html)

Rike1984 20.02.2013 18:53
Dateien mit Virus corrupted.exe infiziert
 
Hallo an alle,

ich habe immer wieder mehrere Fehlermeldungen bezüglich Antivir, java etc. erhalten und neuerdings friert die start-/taskleiste nach dem systemstart immer ein. Daher habe ich meinen pc im abgesicherten modus mit mwav gescannt und dabei kam folgendes Ergebnis raus:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Header
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
find.bat Version 2008.03.07

Microsoft Windows [Version 6.1.7601]
Bootmodus: Normal

eScan Version: 11.0.86
Sprache: German
C:\Users\Rike\AppData\Local\Temp\MWAV.LOG



~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\CustomMarshalers.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.JScript.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Transactions.Bridge.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Transactions.Bridge.Dtc.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Activities.Compiler.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Compatibility.Data.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Compatibility.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualC.Dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Windows.ApplicationServer.Applications.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationCore.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Aero.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Classic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Luna.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Royale.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationUI.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\ReachFramework.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\SMDiagnostics.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\sysglobl.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.Core.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.DurableInstancing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.configuration.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Configuration.Install.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Device.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IdentityModel.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IdentityModel.Selectors.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IO.Log.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Management.Instrumentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Messaging.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Net.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Numerics.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Printing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.DurableInstancing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Remoting.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Serialization.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Serialization.Formatters.Soap.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Activities.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Channels.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Discovery.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Routing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Speech.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Transactions.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Web.ApplicationServices.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Web.Services.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Windows.Input.Manipulations.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Windows.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Xaml.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Xml.Linq.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationClient.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationClientsideProviders.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationProvider.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationTypes.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\WindowsBase.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\WindowsFormsIntegration.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Accessibility.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\CustomMarshalers.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\ISymWrapper.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Microsoft.CSharp.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Microsoft.JScript.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\mscorlib.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.Dynamic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.EnterpriseServices.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.EnterpriseServices.Wrapper.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\CustomMarshalers.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.JScript.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Transactions.Bridge.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Transactions.Bridge.Dtc.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Activities.Compiler.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Compatibility.Data.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.Compatibility.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualBasic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.VisualC.Dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\Microsoft.Windows.ApplicationServer.Applications.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationCore.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Aero.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Classic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Luna.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationFramework.Royale.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\PresentationUI.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\ReachFramework.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\SMDiagnostics.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\sysglobl.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.Core.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.DurableInstancing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Activities.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.configuration.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Configuration.Install.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Device.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IdentityModel.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IdentityModel.Selectors.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.IO.Log.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Management.Instrumentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Messaging.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Net.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Numerics.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Printing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.DurableInstancing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Remoting.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Serialization.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Runtime.Serialization.Formatters.Soap.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Activities.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Channels.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Discovery.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.ServiceModel.Routing.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Speech.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Transactions.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Web.ApplicationServices.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Web.Services.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Windows.Input.Manipulations.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Windows.Presentation.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Xaml.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\System.Xml.Linq.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationClient.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationClientsideProviders.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationProvider.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\UIAutomationTypes.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\WindowsBase.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework\v4.0.30319\GAC34035\WindowsFormsIntegration.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Accessibility.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\CustomMarshalers.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\ISymWrapper.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Microsoft.CSharp.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\Microsoft.JScript.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\mscorlib.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.Dynamic.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.EnterpriseServices.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Windows\Microsoft.NET\Framework64\v4.0.30319\GAC34660\System.EnterpriseServices.Wrapper.dll ist durch den Virus "Exe.Corrupted" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei Q:\AUTORUN.INF ist durch den Virus "Fujack" infiziert! Maßnahme ergriffen: No Action Taken.
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Offending file found: C:\Users\Rike\AppData\Local\Akamai\Languages\trk.dll
~~~~~~~~~~~
~~~~ Spyware (Vorsicht: Oft Fehlalarm!)
~~~~~~~~~~~
eScan-Antiviren- und Antispyware-Werkzeugsatz.
Antiviren- und Antispywaredatenbanken werden heruntergeladen...
Indexed Spyware Databases Successfully Created...
eScan-Antiviren- und Antispyware-Werkzeugsatz.
Scannen Spyware: Aktiviert
***** Registrierungsdatenbank und Dateisystem werden auf Schnüffelprogramme (Spyware) und werbefinanzierte Software (Adware) geprüft *****
Indexed Spyware Databases Successfully Created...
System found infected with TopMoxie Spyware/Adware (trk.dll)! Action taken: Keine Maßnahme ergriffen.
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
~~~~~~~~~~~
Registry
~~~~~~~~~~~
Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c98e2dd3-573d-11df-8eff-806e6f6e6963} !!!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Diverses
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~
laufende Prozesse - commandline
~~~~~~~~~~~~~~~~~~~~~~
System Idle Process -
System -
smss.exe - \SystemRoot\System32\smss.exe
csrss.exe - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe - wininit.exe
csrss.exe - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe - winlogon.exe
services.exe - C:\Windows\system32\services.exe
lsass.exe - C:\Windows\system32\lsass.exe
lsm.exe - C:\Windows\system32\lsm.exe
svchost.exe - C:\Windows\system32\svchost.exe -k DcomLaunch
svchost.exe - C:\Windows\system32\svchost.exe -k RPCSS
svchost.exe - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
svchost.exe - C:\Windows\system32\svchost.exe -k netsvcs
svchost.exe - C:\Windows\system32\svchost.exe -k LocalService
svchost.exe - C:\Windows\system32\svchost.exe -k NetworkService
svchost.exe - C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
svchost.exe - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
explorer.exe - C:\Windows\Explorer.EXE
ctfmon.exe - ctfmon.exe
AcDeskBandHlpr.exe - "C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe" -Embedding
HelpPane.exe - C:\Windows\helppane.exe -Embedding
mexe.com - "C:\Users\Rike\AppData\Local\Temp\mexe.com"
svchost.exe - C:\Windows\System32\svchost.exe -k secsvcs
firefox.exe - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
plugin-container.exe - "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1884.530d600.1656527399 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 1884 "\\.\pipe\gecko-crash-server-pipe.1884" plugin
FlashPlayerPlugin_11_6_602_168.exe - "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe" --proxy-stub-channel=Flash1932.72C1FFD0.17083 --host-broker-channel=Flash1932.72C1FFD0.10729 --host-pid=1932 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll"
FlashPlayerPlugin_11_6_602_168.exe - "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe" --channel=2000.002CF814.880791709 --proxy-stub-channel=Flash1932.72C1FFD0.17083 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll" --host-npapi-version=27 --type=renderer
cmd.exe - cmd /c ""C:\Users\Rike\Downloads\find.bat" "
conhost.exe - \??\C:\Windows\system32\conhost.exe "-1826105851-1127990695312332100876233483335608641713865400213708048-783093835
cscript.exe - cscript C:\escan\prclst.vbs //nologo
WmiPrvSE.exe - C:\Windows\system32\wbem\wmiprvse.exe
~~~~~~~~~~~~~~~~~~~~~~
Scanfehler
~~~~~~~~~~~~~~~~~~~~~~
C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll (3072), 09-Jan-2013 [H], Microsoft Corporation, Microsoft® Windows® Operating System [Added C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll to ZIP FILE]
~~~~~~~~~~~~~~~~~~~~~~
Hosts-Datei
~~~~~~~~~~~~~~~~~~~~~~
DataBasePath: %SystemRoot%\System32\drivers\etc
Zeilen die nicht dem Standard entsprechen:
C:\Windows\System32\drivers\etc\hosts:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Zeit überschritten beim Scannen von !!!
Zeit überschritten beim Scannen von C:\MSOCache\All Users\{90120000-0015-0407-0000-0000000FF1CE}-C\AccLR.cab!!!
Zeit überschritten beim Scannen von C:\MSOCache\All Users\{90120000-006E-0407-0000-0000000FF1CE}-C\OfficeLR.cab!!!
Zeit überschritten beim Scannen von C:\MSOCache\All Users\{91120000-0031-0000-0000-0000000FF1CE}-C\ProHrWW.cab!!!
Zeit überschritten beim Scannen von C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc1EC6.tmp!!!
Zeit überschritten beim Scannen von C:\Program Files (x86)\Common Files\Windows Live\.cache\wlcCB2A.tmp!!!
Zeit überschritten beim Scannen von C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcd\TVTRNRGR.iso!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\APPS\DMFSD\Data1.cab!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\APPS\DMFSD\DDR\Data1.cab!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\APPS\dvdplay\Data1.cab!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\APPS\LTT\Setup.exe!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\DRIVERS\WLANINT_W7\Win7\S32\Install\Intel PROSet Wireless.msi!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\DRIVERS\WLANINT_W7\Win7\S64\Install\Intel PROSet Wireless.msi!!!
Zeit überschritten beim Scannen von C:\SWTOOLS\WindowsLive\wlsetup-all.exe!!!
Zeit überschritten beim Scannen von C:\Users\Rike\Downloads\OOo_3.2.1_Win_x86_install-wJRE_de.exe!!!
Zeit überschritten beim Scannen von C:\Users\Rike\Downloads\OpenOffice.org 3.2 (de) Installation Files\openofficeorg1.cab!!!
Zeit überschritten beim Scannen von C:\Users\Rike\Downloads\This is England.rar!!!
Zeit überschritten beim Scannen von C:\Users\Rike\Downloads\zaSetup_92_058_000_de.exe!!!
Zeit überschritten beim Scannen von C:\Windows\Downloaded Installations\{715535A4-22E1-4C2A-9880-892A935BBC1C}\Rescue and Recovery.msi!!!
Zeit überschritten beim Scannen von C:\Windows\Installer\1af39.msp!!!
Zeit überschritten beim Scannen von C:\Windows\Installer\1f4e4.msi!!!
Zeit überschritten beim Scannen von C:\Windows\Installer\4152b.msi!!!
Zeit überschritten beim Scannen von C:\Windows\Installer\5d4ea4.msp!!!
Zeit überschritten beim Scannen von C:\Windows\Installer\_{CCAFF072-4DDB-4846-963D-15F02A8E9472}\Intel PROSet Wireless.msi!!!
Zeit überschritten beim Scannen von C:\Windows\SoftwareDistribution\Download\dc27c38d9b7eaf96642aee3cb3400730\windows6.1-kb976932-x64.cab!!!
Zahl der gescannten Objekte: 379762
Zahl der kritischen Objekte: 135
Zahl der desinfizierten Objekte: 0
Zahl der umbenannten Objekte: 0
Zahl der gelöschten Objekte: 0
Zeit verstrichen: 02:06:37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan-Optionen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Speicherüberprüfung: Aktiviert
Überprüfung der Registrierungsdatenbank: Aktiviert
Überprüfung des Startordners: Aktiviert
Überprüfung des Systemordners: Aktiviert
Überprüfung der Dienste: Aktiviert
Überprüfung der Laufwerke: Deaktiviert
Überprüfung aller Laufwerke:Aktiviert
Überprüfung der Ordner: Aktiviert

Batchstart: 17:48:28,17
Batchende: 17:48:44,73


Meine Frage ist nun, was zu tun ist? Mit welchem Programm kann ich arbeiten oder sollte ich den PC ganz neu bespielen lassen? Ich bin leider total unerfahren, was PC Reparaturen angeht, deswegen bitte ich um eure Geduld und Hilfe...

Ich danke euch schon mal sehr im Voraus!!!

Rike

markusg 20.02.2013 18:54
Hi
und die Fehlermeldungen sollen wir erraten, oder postest du die? das währe zumindest einfacher :-)

Rike1984 20.02.2013 19:29
Klar, entschuldigung:

- wenn der PC startet will er immer ein Java update machen, was aber schon installiert ist, wenn ich es erlaube
- in regelmässigen Abständen (ich kann leider nicht sagen wann), kommt die Meldung Q:/AUTORUN.INF wurde gestoppt
- Die Start-/Taskleiste ist mittlerweile eingefroren. Vorher war sie nur sehr langsam, mittlerweile reagiert sie kurz nach dem Start nicht mehr
- Der PC ist generell langsam, obwohl er noch nicht alt ist. Vor allem was Neustarten angeht

Ich hoffe, das ist genug information? An mehr kann ich mich leider nicht erinnern, die "mätzchen" waren für mich nicht so störend, auch wenn ich weiss, dass das schon längst ein hinweis auf viren hätte sein können, aber meine scanner haben nie Virus angezeigt.

Danke!

markusg 20.02.2013 19:30
Hi
was ist q: für ein laufwerk, evtl. externe Datenträger angeschlossen? cds im Laufwerk?

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Rike1984 20.02.2013 20:57
Hallo!


Q ist das Laufwerk von Lenovo für Rescue&Recovery...Ich hoffe, dass dir das was sagt.


Also, ich habe die Scans gemacht:

OTL.txt sagt:OTL Logfile:
Code:
OTL logfile created on: 20.02.2013 19:39:57 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Rike\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 60,41% Memory free
7,60 Gb Paging File | 6,06 Gb Available in Paging File | 79,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,15 Gb Total Space | 171,29 Gb Free Space | 59,65% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 2,39 Gb Free Space | 24,51% Space Free | Partition Type: NTFS
 
Computer Name: RIKE-THINK | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.20 19:37:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.10.09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Rike\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.05.20 23:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 23:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010.04.20 12:23:32 | 000,074,088 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2010.04.20 12:23:28 | 000,062,312 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe
PRC - [2010.04.20 12:23:18 | 000,050,536 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe
PRC - [2010.04.07 13:37:22 | 000,063,928 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010.04.07 11:02:16 | 000,045,496 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe
PRC - [2010.03.01 10:31:32 | 000,402,792 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
PRC - [2010.03.01 10:29:12 | 000,259,432 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2010.03.01 10:29:10 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2010.03.01 10:17:52 | 000,344,064 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2010.02.10 14:40:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2009.12.21 17:49:44 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2009.11.24 05:51:20 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2009.11.11 09:33:12 | 000,078,272 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tpnumlkd.exe
PRC - [2009.11.04 05:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.11.04 05:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.08.28 13:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2009.05.27 21:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2008.01.16 08:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.05.04 14:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.05.27 21:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.11.18 06:04:24 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2009.10.09 11:12:52 | 000,047,656 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV - [2013.02.19 11:42:36 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.11 22:30:59 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.12 22:37:19 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010.12.10 17:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010.04.20 12:23:32 | 000,074,088 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV - [2010.04.20 12:23:18 | 000,050,536 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2010.04.07 13:37:22 | 000,063,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010.04.07 11:02:16 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.01 10:29:12 | 000,259,432 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2010.03.01 10:29:10 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2010.02.17 22:26:38 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.02.10 14:40:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.05 19:12:00 | 000,075,112 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2009.11.04 05:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.11.04 05:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.09.29 16:25:48 | 000,126,392 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.08.28 13:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.16 08:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.07 14:23:02 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2010.12.07 14:23:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2010.12.07 14:23:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2010.12.07 14:22:58 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2010.11.29 04:23:18 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.04.22 23:17:40 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.08 13:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.15 11:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.15 05:23:00 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.15 05:23:00 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.01.15 05:23:00 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.01.07 19:51:38 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.01.06 13:33:14 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.05 19:12:00 | 000,013,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2009.11.30 07:56:00 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 06:04:04 | 000,032,880 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2009.10.09 11:11:38 | 000,136,744 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2009.10.09 11:10:00 | 000,023,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2009.09.29 16:25:50 | 000,012,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.09.17 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.07.02 03:16:02 | 000,040,512 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2009.06.18 09:21:58 | 000,161,024 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.07 06:33:00 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008.05.12 17:04:24 | 000,015,400 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F2F66A0E-E92A-498D-99E1-502DAAD9C27B}
IE:64bit: - HKLM\..\SearchScopes\{F2F66A0E-E92A-498D-99E1-502DAAD9C27B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{464901DD-5A6E-4388-AC76-80A0C192C626}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hiergehtslos.de
IE - HKCU\..\SearchScopes,DefaultScope = {F2F66A0E-E92A-498D-99E1-502DAAD9C27B}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.02.19 12:02:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.11 22:30:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.11 22:30:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.11 22:30:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.11 22:30:55 | 000,000,000 | ---D | M]
 
[2010.07.08 14:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Extensions
[2012.10.29 20:26:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rike\AppData\Roaming\mozilla\Firefox\Profiles\scz0zwuv.default\extensions
[2013.02.11 22:30:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.11 22:30:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.11 22:30:59 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.09 16:17:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Google Mail = C:\Users\Rike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Rike\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Rike\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - Startup: C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ABB155B-3EC1-4570-99D7-C421DB212537}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.10 17:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c98e2dd3-573d-11df-8eff-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c98e2dd3-573d-11df-8eff-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\PROGRA~2\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE - (McAfee, Inc.)
MsConfig:64bit - StartUpFolder: C:^Users^Rike^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Rike\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Rike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.20 19:38:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
[2013.02.19 17:48:28 | 000,000,000 | ---D | C] -- C:\escan
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2013.02.19 14:54:31 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2013.02.19 14:42:49 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.02.19 14:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2013.02.19 14:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2013.02.19 12:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.02.19 12:03:17 | 000,000,000 | ---D | C] -- C:\Users\Rike\AppData\Local\Google
[2013.02.19 12:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.19 12:03:15 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.02.19 12:03:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.02.19 12:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.02.19 12:03:14 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.02.19 12:03:12 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.02.19 12:03:11 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.02.19 12:03:08 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.02.19 12:03:07 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.02.19 12:02:07 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.02.19 12:02:06 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2013.02.19 12:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.02.19 12:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.02.12 22:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.12 22:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.11 22:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.20 19:37:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rike\Desktop\OTL.exe
[2013.02.20 19:18:08 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.20 19:18:05 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.20 18:58:02 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.02.20 18:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.20 18:45:33 | 000,000,000 | ---- | M] () -- C:\Users\Rike\defogger_reenable
[2013.02.20 18:42:21 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.20 18:42:21 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.20 18:34:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.20 18:34:21 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.19 18:02:57 | 000,044,606 | ---- | M] () -- C:\Users\Rike\Documents\pinfect.zip
[2013.02.19 14:54:31 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2013.02.19 14:42:48 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2013.02.19 12:04:27 | 000,002,270 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.19 12:03:15 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.02.19 12:03:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.02.18 23:10:43 | 000,143,535 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23281.pdf
[2013.02.18 23:10:04 | 000,123,527 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23379.pdf
[2013.02.18 23:09:39 | 000,218,667 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23409.pdf
[2013.02.18 23:09:10 | 000,126,818 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23503.pdf
[2013.02.18 23:08:44 | 000,178,718 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23515.pdf
[2013.02.18 23:08:32 | 000,112,853 | ---- | M] () -- C:\Users\Rike\Desktop\CS_Job_23408.pdf
[2013.02.18 21:31:22 | 001,688,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.18 21:31:22 | 000,726,182 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.18 21:31:22 | 000,675,674 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.18 21:31:22 | 000,161,672 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.18 21:31:22 | 000,130,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.14 20:10:21 | 000,462,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.12 22:52:29 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.12 16:38:30 | 000,001,028 | ---- | M] () -- C:\Users\Rike\Desktop\Dropbox.lnk
[2013.02.10 20:21:46 | 000,008,229 | ---- | M] () -- C:\Users\Rike\Desktop\Namensschild.odt
[2013.01.27 13:48:52 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.01.27 00:34:01 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.20 18:45:33 | 000,000,000 | ---- | C] () -- C:\Users\Rike\defogger_reenable
[2013.02.20 18:33:25 | 000,001,250 | ---- | C] () -- C:\Users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2013.02.19 18:02:57 | 000,044,606 | ---- | C] () -- C:\Users\Rike\Documents\pinfect.zip
[2013.02.19 14:43:08 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2013.02.19 12:04:27 | 000,002,270 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.19 12:03:23 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.19 12:03:21 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.19 12:03:15 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.02.19 12:03:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.02.18 23:10:43 | 000,143,535 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23281.pdf
[2013.02.18 23:10:04 | 000,123,527 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23379.pdf
[2013.02.18 23:09:39 | 000,218,667 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23409.pdf
[2013.02.18 23:09:10 | 000,126,818 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23503.pdf
[2013.02.18 23:08:44 | 000,178,718 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23515.pdf
[2013.02.18 23:08:32 | 000,112,853 | ---- | C] () -- C:\Users\Rike\Desktop\CS_Job_23408.pdf
[2013.02.05 13:22:38 | 000,008,229 | ---- | C] () -- C:\Users\Rike\Desktop\Namensschild.odt
[2013.01.26 23:04:12 | 000,000,528 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011.12.04 17:57:02 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011.12.04 17:57:02 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.05.20 14:34:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\AIMP3
[2010.07.26 15:43:52 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Ashampoo
[2010.07.19 16:52:42 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\CheckPoint
[2013.02.20 18:29:30 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Dropbox
[2011.02.14 21:46:40 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\FILEminimizerPictures
[2011.01.16 20:18:20 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\GetRightToGo
[2010.07.08 22:34:16 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\InterVideo
[2010.07.08 13:52:39 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Lenovo
[2010.08.02 11:48:28 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\OpenOffice.org
[2011.05.15 16:23:59 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\PCDr
[2013.02.20 18:41:47 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Spotify
[2010.11.28 21:13:22 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Ulead Systems
[2011.05.14 02:02:19 | 000,000,000 | ---D | M] -- C:\Users\Rike\AppData\Roaming\Update
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.10.15 18:45:10 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.08.11 18:28:27 | 000,000,000 | ---D | M] -- C:\2c8ec550e9e8c492087ac1c4d3
[2011.02.09 23:40:08 | 000,000,000 | ---D | M] -- C:\48a9726ced1f2cfdba
[2009.07.24 18:28:56 | 000,000,000 | -HSD | M] -- C:\Boot
[2013.02.20 19:18:03 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.07.08 13:28:35 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.01.26 16:59:35 | 000,000,000 | ---D | M] -- C:\e9fc007fb019ec9b0efe
[2013.02.19 17:48:44 | 000,000,000 | ---D | M] -- C:\escan
[2010.05.04 06:43:50 | 000,000,000 | ---D | M] -- C:\Intel
[2010.08.12 12:13:27 | 000,000,000 | ---D | M] -- C:\kingston
[2010.05.04 16:02:24 | 000,000,000 | ---D | M] -- C:\mfg
[2010.05.04 07:24:55 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.08.11 19:37:31 | 000,000,000 | ---D | M] -- C:\Neuer Ordner
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.02.19 12:01:49 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.02.20 19:13:35 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.02.19 14:42:42 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.07.08 13:28:36 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.07.08 13:28:41 | 000,000,000 | RHSD | M] -- C:\RRbackups
[2012.04.20 10:06:34 | 000,000,000 | ---D | M] -- C:\swshare
[2010.07.08 13:51:04 | 000,000,000 | ---D | M] -- C:\SWTOOLS
[2013.02.20 19:42:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.10.15 18:44:40 | 000,000,000 | R--D | M] -- C:\Users
[2013.02.19 14:54:31 | 000,000,000 | ---D | M] -- C:\Windows
[2012.04.20 10:11:30 | 000,000,000 | ---D | M] -- C:\_SMA
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.05.14 02:13:18 | 000,000,466 | ---- | C] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2011.05.14 02:13:20 | 000,000,528 | ---- | C] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.04.20 09:54:23 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.26 23:04:12 | 000,000,528 | ---- | C] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2013.02.19 12:03:21 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.02.19 12:03:23 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2010.05.04 16:20:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.05.04 16:20:48 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010.05.04 16:22:11 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.05.04 16:22:11 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.05.04 16:22:11 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.05.04 16:20:48 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.05.04 16:22:11 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010.05.04 16:20:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2010.01.15 11:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.01.15 11:22:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=85977CD13FC16069CE0AF7943A811775 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_5d42c6448888c5bd\iaStor.sys
[2009.11.20 06:59:26 | 000,432,664 | ---- | M] (Intel Corporation) MD5=EDF5ECC965FAAA533D35E02F47B9132E -- C:\SWTOOLS\DRIVERS\IMSM\WIN32\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.05.04 16:23:32 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=9ED521C0B287D4A396E1456B3D1556C9 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16440_none_cbde32e1ee86914c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2010.05.04 16:23:32 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=FEFF314FF78051201309E47D90554BE8 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20548_none_cc6fd1fd079cfbce\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.02.20 18:45:33 | 000,000,000 | ---- | M] () -- C:\Users\Rike\defogger_reenable
[2013.02.20 19:46:52 | 002,359,296 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT
[2013.02.20 19:46:52 | 000,505,344 | -HS- | M] () -- C:\Users\Rike\ntuser.dat.LOG1
[2010.07.08 13:28:45 | 000,000,000 | -HS- | M] () -- C:\Users\Rike\ntuser.dat.LOG2
[2010.07.08 13:53:52 | 000,065,536 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.08 13:53:51 | 000,524,288 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.08 13:53:52 | 000,524,288 | -HS- | M] () -- C:\Users\Rike\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.08 13:28:45 | 000,000,020 | -HS- | M] () -- C:\Users\Rike\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<          >

< End of report >
--- --- ---



Extra.txt sagt:OTL Logfile:
Code:
OTL Extras logfile created on: 20.02.2013 19:39:57 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Rike\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 60,41% Memory free
7,60 Gb Paging File | 6,06 Gb Available in Paging File | 79,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287,15 Gb Total Space | 171,29 Gb Free Space | 59,65% Space Free | Partition Type: NTFS
Drive Q: | 9,77 Gb Total Space | 2,39 Gb Free Space | 24,51% Space Free | Partition Type: NTFS
 
Computer Name: RIKE-THINK | User Name: Rike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E4C54CA-82C7-4694-8078-87B3D024CDC5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{28AEFA8B-BAD9-49C2-A189-08096CE7E804}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D1A367B-3E9A-4CE1-83A4-123D52D0AC01}" = lport=2869 | protocol=6 | dir=in | app=system |
"{41971A5E-2993-4C44-84A3-FFFCAB60F89C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42F56447-5750-4C7A-BF17-3ECC7B47CADC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EB78F05-7162-449F-B579-B6A01EB1A014}" = lport=445 | protocol=6 | dir=in | app=system |
"{52744C46-74C6-49BC-BEA8-323629778FDA}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B755DEA-1E18-4779-BA26-DF3A70125893}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{70C37E61-D2B7-4B83-9219-381F57954C81}" = lport=139 | protocol=6 | dir=in | app=system |
"{84226D0B-7BA0-4A90-930C-88BF9BD9B29A}" = lport=138 | protocol=17 | dir=in | app=system |
"{8B824BFB-397C-4536-9253-90E20C3B0372}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8D4D34FC-F6F4-4832-8C66-03750CDC9F13}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A1E9457A-F1C1-4D60-9208-45FD031A367C}" = lport=137 | protocol=17 | dir=in | app=system |
"{A3A64528-FDD2-456B-8A11-70A3F330434F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9C77412-763E-4BF6-A3A8-786D247C91C2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4E5B185-210C-46EE-B912-1762A1B4DA4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B67D4E85-2974-41D0-B6E5-C3C62B17EF47}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C0067322-1FC0-48B0-8AEF-C8351B29CF44}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C03DA2B5-7E29-464E-A009-524A8D6DB735}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA580F65-C982-4A4A-8C6B-6F89BD9C4656}" = rport=137 | protocol=17 | dir=out | app=system |
"{CDFBCBD8-FBB6-4785-8EB6-581928B20BDE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D0713AC2-93C7-4F55-A6CD-4D9E006C9F48}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA76CE53-9388-4F88-AE4E-D0C7968F6974}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EC049E20-5981-4C50-9DE3-C31496038E1F}" = rport=138 | protocol=17 | dir=out | app=system |
"{F0EE3DC8-B91E-4E48-951E-349521AB0282}" = rport=139 | protocol=6 | dir=out | app=system |
"{F46F96B2-9C41-406F-96B0-C617D0B223FE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BA440D6-3D32-48CF-ABC0-10BB94A9D724}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DEE4E0D-AF82-47AD-AA30-A02B3712C5D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1426DA60-764B-4BD6-8879-96B5E68270F2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{161BDC63-27AC-4C23-AE77-60C923586AC4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1E56B04C-7A44-4E2A-986D-7BA4D5A4595E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DD7C823-BD11-479C-9ABE-37DAB8E0258D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{325EA681-E061-45A8-A7F6-7D8565775FB4}" = protocol=17 | dir=in | app=c:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe |
"{33429284-9F13-463F-AA58-143AF6DF56E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39B963E8-A3D6-4D76-9BFD-DA339B478B38}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{3AF9C1A7-A126-4DD8-A80C-21D7E8CAAB71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4181E866-C0EC-4649-98BB-1AC834EE3C09}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{45715BA7-8935-4094-9E21-65D6F0DA4A81}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{487481B7-0BB1-4C65-9379-CC593D996763}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{6E513F9C-27B3-4993-B2C6-2FE2D392AD6F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{72166839-F0E8-499B-B243-2F2B10AA1712}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7874634B-512A-4C97-8E9F-AF23849C3D1D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7EBDA746-C7EA-4FEB-8D72-6FA14D253757}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8654FF8E-0960-4969-94C8-15885B3FF003}" = protocol=6 | dir=in | app=c:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe |
"{8B6AD8F2-1E06-4691-AEA9-E32E2D5ED093}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8CAF365B-990D-4016-8BEA-1F101CCF62AB}" = protocol=6 | dir=in | app=c:\users\rike\appdata\local\akamai\netsession_win.exe |
"{8D6AFF69-7164-4C96-8F19-9735EFF52CF8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{925CDAB5-CB74-4632-BC2E-DE12AE653304}" = protocol=6 | dir=out | app=system |
"{98209E18-6208-4A82-9688-A8D843E32C5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A62679D3-D2FB-4024-B081-226EA5A9C64F}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{A6D741E7-B0C6-4555-8309-15577177339B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC1D8B1E-16AB-41BA-9C59-B5D171CD7D59}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AC1F2979-5107-4F0E-86CE-B964D83F107E}" = protocol=17 | dir=in | app=c:\users\rike\appdata\local\akamai\netsession_win.exe |
"{B766138A-DF38-4E9F-A0F4-2CE4D698253A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C94D5E60-F010-479C-8881-25348B26F8CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDF009CE-468F-4177-855B-21C206D4ECC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E77604C3-9037-456D-9E92-097E68D16542}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{250393F1-D73F-4046-80B4-60B5877B8477}C:\users\rike\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\rike\appdata\local\akamai\netsession_win.exe |
"TCP Query User{28218E29-BE51-4DE4-9C75-47E3BAED2589}C:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{73FBBD5F-FF58-4D77-82F9-3EB2536E769A}C:\users\rike\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\rike\appdata\roaming\spotify\spotify.exe |
"TCP Query User{BE3DA6AE-4079-4F09-B3FB-26B3EB126107}C:\users\rike\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\rike\appdata\roaming\spotify\spotify.exe |
"UDP Query User{13231778-0BB4-44BA-94DA-F1D43A78C26D}C:\users\rike\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\rike\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4B34AABC-D1DE-411E-883E-699E458609E0}C:\users\rike\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\rike\appdata\local\akamai\netsession_win.exe |
"UDP Query User{5C3EDE0C-41B3-49CA-B3B1-D1AF58B65B77}C:\users\rike\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\rike\appdata\roaming\spotify\spotify.exe |
"UDP Query User{C838A4AF-091C-4538-9EB5-AD3F6BACAC36}C:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\rike\appdata\roaming\dropbox\bin\dropbox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{3FD730D4-755F-439B-8082-B55E00924A44}" = Client Security - Password Manager
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C263ED32-78DB-40EB-8B12-2925C8213E28}" = HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"114EB224AD576F278686036AA9E1EFB7847E3935" = Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4)
"1AE98C75AE2DD1284F66876FA76F46BFDF6B9D31" = Windows-Treiberpaket - Intel hdc  (06/04/2009 7.0.0.1013)
"3512AA88B7C41B232F5FF5219DFEEDB41AFC3AEA" = Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (12/10/2009 6.0.1.6000)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"573C3C32A1DB5625CA00E633E584E8A0E6383672" = Windows-Treiberpaket - Intel System  (10/28/2009 9.1.1.1022)
"7341A1B43E7FE58942EB1E820A17C18305DFBCE6" = Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417)
"85CE3A3657FAE5FD305B143E90E6FC89BA53001C" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419)
"A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9" = Windows-Treiberpaket - Intel USB  (08/20/2009 9.1.1.1020)
"D94DFF1289C7A7BEBA126E4CDADE0E85B99E60F1" = Windows-Treiberpaket - Intel System  (10/28/2009 9.1.1.1022)
"E7B58217635B8F723D4744A328A4B3237DB35FA9" = Windows-Treiberpaket - Intel System  (06/04/2009 1.0.0.0002)
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"W7DevOR" =  Registry Patch to arrange icons in Device and Printers folder of Windows 7
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8DA253-3C27-4B01-A63A-BA3533120833}" = Microsoft Research AutoCollage Touch 2009
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D289CAC-AD9F-45d9-9D36-524EB7B6C958}" = Lenovo Hard Drive Quick Test
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Hilfe
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}" = Integrated Camera TWAIN
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{B383F243-0ABC-4E56-AA30-923B8D85076E}" = Rescue and Recovery
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3CD17B4-08B0-492D-8A4C-81716D33E520}" = Integrated Camera Driver Installer Package Ver.1.0.1.2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C64A877E-DF8D-4017-AA82-000A77C6D809}" = Verizon Wireless Mobile Broadband Self Activation
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{D81486A1-2371-4059-AC70-1AB894AC96E6}" = AT&T Service Activation
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BD11FE-8C8E-4FB8-826E-D3FDBF1CF037}" = Mobile Broadband Connect
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP3" = AIMP3
"Akamai" = Akamai NetSession Interface Service
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"FILEminimizer Pictures_is1" = FILEminimizer Pictures
"Google Chrome" = Google Chrome
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Lenovo Welcome_is1" = Lenovo Welcome
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROHYBRIDR" = 2007 Microsoft Office system
"VLC media player" = VLC media player 1.1.8
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.11.2011 14:46:42 | Computer Name = Rike-THINK | Source = PC-Doctor | ID = 1
Description = (4136) Asapi: (19:46:42:6150)(4136) DEFECT.LOCALIZATION - Error --
 Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale:
language = de, customer = lenovo, variant = ltt
 
Error - 03.11.2011 14:46:42 | Computer Name = Rike-THINK | Source = PC-Doctor | ID = 1
Description = (4136) Asapi: (19:46:42:6160)(4136) DEFECT.LOCALIZATION - Error --
 Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale:
 language = en, customer = lenovo, variant = ltt
 
Error - 03.11.2011 14:46:42 | Computer Name = Rike-THINK | Source = PC-Doctor | ID = 1
Description = (4136) Asapi: (19:46:42:6160)(4136) DEFECT.LOCALIZATION - Error --
 Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale:
 language = de, customer = lenovo, variant = ltt
 
Error - 03.11.2011 15:49:20 | Computer Name = Rike-THINK | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 03.11.2011 15:49:40 | Computer Name = Rike-THINK | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Lenovo\Access Connections\AcCryptHlpr.dll". Fehler in Manifest- oder Richtliniendatei
 "C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll" in Zeile 0.  Ungültige
 XML-Syntax.
 
Error - 03.11.2011 15:51:54 | Computer Name = Rike-THINK | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 04.11.2011 18:32:30 | Computer Name = Rike-THINK | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Die Daten sind unzulässig.  .
 
Error - 04.11.2011 18:34:56 | Computer Name = Rike-THINK | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Die Daten sind unzulässig.  .
 
Error - 04.11.2011 18:34:57 | Computer Name = Rike-THINK | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Die Daten sind unzulässig.  .
 
Error - 04.11.2011 18:39:15 | Computer Name = Rike-THINK | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Die Daten sind unzulässig.  .
 
[ Lenovo-Message Center Plus/Admin Events ]
Error - 08.07.2010 09:24:32 | Computer Name = Rike-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = The file C:\ProgramData\Lenovo\MessageCenterPlus\ServerRepository\temp\SeedDB.cab
 does not have a Lenovo Digital Signature. The file will be deleted
 
Error - 08.07.2010 09:24:32 | Computer Name = Rike-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = The Msg SeedDB could not be decompressed
 
Error - 18.07.2012 16:33:56 | Computer Name = Rike-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. ->
 Exception message: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
 
[ OSession Events ]
Error - 29.05.2012 16:50:26 | Computer Name = Rike-THINK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 19.02.2013 12:50:21 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:52:19 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:52:19 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:52:19 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:56:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:56:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:56:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:58:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:58:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 19.02.2013 12:58:51 | Computer Name = Rike-THINK | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
 
< End of report >
--- --- ---


Danke!

markusg 20.02.2013 21:02
Hi,
otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found

:files
:Commands
[emptytemp]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

Rike1984 20.02.2013 22:12
Hi,

ebenso getan!

OTL sagt:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWMTRV deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Friederike
->Temp folder emptied: 290745 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

User: Rike
->Temp folder emptied: 693639648 bytes
->Temporary Internet Files folder emptied: 149870104 bytes
->Java cache emptied: 1114744 bytes
->FireFox cache emptied: 69753654 bytes
->Google Chrome cache emptied: 13541719 bytes
->Flash cache emptied: 540 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 485917774 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102427 bytes
RecycleBin emptied: 856855273 bytes

Total Files Cleaned = 2.166,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02202013_220256

Files\Folders moved on Reboot...
C:\Users\Rike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

markusg 20.02.2013 22:16
Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Rike1984 20.02.2013 23:02
Hi,

irgendwie habe ich grad Probleme auf den Thread zu antworten. Das ist jetzt eine Testnachricht.

Hi, die Logdatei ist zu lang, kann ich sie in zwei teilen posten?

markusg 21.02.2013 15:39
klar kannst du :-)
oder anhängen.

Rike1984 21.02.2013 18:48
Ok, dann poste ich den Report getrennt (anhängen geht leider auch nicht, die Datei ist zu gross...)

Schon mal ein Riesendanke für deine Hilfe!


Report:

22:19:36.0756 5924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:19:38.0758 5924 ============================================================
22:19:38.0758 5924 Current date / time: 2013/02/20 22:19:38.0758
22:19:38.0758 5924 SystemInfo:
22:19:38.0758 5924
22:19:38.0758 5924 OS Version: 6.1.7601 ServicePack: 1.0
22:19:38.0758 5924 Product type: Workstation
22:19:38.0759 5924 ComputerName: RIKE-THINK
22:19:38.0759 5924 UserName: Rike
22:19:38.0759 5924 Windows directory: C:\Windows
22:19:38.0759 5924 System windows directory: C:\Windows
22:19:38.0759 5924 Running under WOW64
22:19:38.0759 5924 Processor architecture: Intel x64
22:19:38.0759 5924 Number of processors: 4
22:19:38.0759 5924 Page size: 0x1000
22:19:38.0759 5924 Boot type: Normal boot
22:19:38.0759 5924 ============================================================
22:19:40.0403 5924 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:19:40.0428 5924 ============================================================
22:19:40.0428 5924 \Device\Harddisk0\DR0:
22:19:40.0439 5924 MBR partitions:
22:19:40.0439 5924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
22:19:40.0439 5924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23E4D7F8
22:19:40.0439 5924 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
22:19:40.0439 5924 ============================================================
22:19:40.0482 5924 C: <-> \Device\Harddisk0\DR0\Partition2
22:19:40.0584 5924 Q: <-> \Device\Harddisk0\DR0\Partition3
22:19:40.0584 5924 ============================================================
22:19:40.0584 5924 Initialize success
22:19:40.0584 5924 ============================================================
22:19:44.0183 0408 ============================================================
22:19:44.0183 0408 Scan started
22:19:44.0183 0408 Mode: Manual;
22:19:44.0183 0408 ============================================================
22:19:45.0328 0408 ================ Scan system memory ========================
22:19:45.0328 0408 System memory - ok
22:19:45.0329 0408 ================ Scan services =============================
22:19:45.0925 0408 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:19:45.0939 0408 1394ohci - ok
22:19:46.0017 0408 [ 7D497701BDA1267AD5F86350925D2F10 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
22:19:46.0023 0408 5U877 - ok
22:19:46.0129 0408 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:19:46.0151 0408 ACPI - ok
22:19:46.0229 0408 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:19:46.0230 0408 AcpiPmi - ok
22:19:46.0377 0408 [ CF2D68C16C7BE8D037DDD1BFA6E9C965 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
22:19:46.0387 0408 AcPrfMgrSvc - ok
22:19:46.0452 0408 [ B5060FE4AA0A074779C7B11AE7DB9D48 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
22:19:46.0454 0408 AcSvc - ok
22:19:46.0611 0408 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:19:46.0612 0408 AdobeARMservice - ok
22:19:47.0411 0408 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:19:47.0414 0408 AdobeFlashPlayerUpdateSvc - ok
22:19:47.0529 0408 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:19:47.0542 0408 adp94xx - ok
22:19:47.0635 0408 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:19:47.0648 0408 adpahci - ok
22:19:47.0717 0408 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:19:47.0720 0408 adpu320 - ok
22:19:47.0775 0408 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:19:47.0776 0408 AeLookupSvc - ok
22:19:47.0830 0408 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:19:47.0835 0408 AFD - ok
22:19:47.0875 0408 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:19:47.0876 0408 agp440 - ok
22:19:48.0146 0408 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
22:19:48.0147 0408 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:19:48.0154 0408 Akamai ( HiddenFile.Multi.Generic ) - warning
22:19:48.0154 0408 Akamai - detected HiddenFile.Multi.Generic (1)
22:19:48.0195 0408 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:19:48.0197 0408 ALG - ok
22:19:48.0264 0408 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:19:48.0274 0408 aliide - ok
22:19:48.0298 0408 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:19:48.0299 0408 amdide - ok
22:19:48.0337 0408 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:19:48.0338 0408 AmdK8 - ok
22:19:48.0343 0408 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:19:48.0344 0408 AmdPPM - ok
22:19:48.0374 0408 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:19:48.0376 0408 amdsata - ok
22:19:48.0389 0408 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:19:48.0392 0408 amdsbs - ok
22:19:48.0416 0408 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:19:48.0416 0408 amdxata - ok
22:19:48.0435 0408 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
22:19:48.0436 0408 Andbus - ok
22:19:48.0457 0408 [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys
22:19:48.0459 0408 AndDiag - ok
22:19:48.0483 0408 [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys
22:19:48.0485 0408 AndGps - ok
22:19:48.0508 0408 [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys
22:19:48.0510 0408 ANDModem - ok
22:19:48.0571 0408 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:19:48.0573 0408 AppID - ok
22:19:48.0591 0408 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:19:48.0592 0408 AppIDSvc - ok
22:19:48.0635 0408 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:19:48.0642 0408 Appinfo - ok
22:19:48.0672 0408 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:19:48.0674 0408 arc - ok
22:19:48.0683 0408 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:19:48.0685 0408 arcsas - ok
22:19:48.0732 0408 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:19:48.0733 0408 aswFsBlk - ok
22:19:48.0802 0408 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:19:48.0803 0408 aswMonFlt - ok
22:19:48.0845 0408 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:19:48.0846 0408 aswRdr - ok
22:19:48.0931 0408 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:19:48.0937 0408 aswSnx - ok
22:19:48.0986 0408 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:19:48.0989 0408 aswSP - ok
22:19:49.0034 0408 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:19:49.0035 0408 aswTdi - ok
22:19:49.0053 0408 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:19:49.0054 0408 AsyncMac - ok
22:19:49.0098 0408 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:19:49.0099 0408 atapi - ok
22:19:49.0171 0408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:19:49.0182 0408 AudioEndpointBuilder - ok
22:19:49.0193 0408 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:19:49.0198 0408 AudioSrv - ok
22:19:49.0322 0408 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:19:49.0323 0408 avast! Antivirus - ok
22:19:49.0372 0408 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:19:49.0374 0408 AxInstSV - ok
22:19:49.0417 0408 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:19:49.0423 0408 b06bdrv - ok
22:19:49.0458 0408 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:19:49.0462 0408 b57nd60a - ok
22:19:49.0572 0408 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:19:49.0574 0408 BBSvc - ok
22:19:49.0627 0408 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:19:49.0629 0408 BBUpdate - ok
22:19:49.0679 0408 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
22:19:49.0681 0408 BcmSqlStartupSvc - ok
22:19:49.0725 0408 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:19:49.0727 0408 BDESVC - ok
22:19:49.0754 0408 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:19:49.0757 0408 Beep - ok
22:19:49.0830 0408 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:19:49.0837 0408 BFE - ok
22:19:49.0867 0408 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:19:49.0878 0408 BITS - ok
22:19:49.0913 0408 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:19:49.0914 0408 blbdrive - ok
22:19:49.0939 0408 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:19:49.0940 0408 bowser - ok
22:19:49.0967 0408 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:19:49.0969 0408 BrFiltLo - ok
22:19:49.0994 0408 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:19:49.0996 0408 BrFiltUp - ok
22:19:50.0038 0408 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:19:50.0040 0408 Browser - ok
22:19:50.0081 0408 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:19:50.0085 0408 Brserid - ok
22:19:50.0108 0408 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:19:50.0109 0408 BrSerWdm - ok
22:19:50.0139 0408 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:19:50.0140 0408 BrUsbMdm - ok
22:19:50.0145 0408 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:19:50.0146 0408 BrUsbSer - ok
22:19:50.0199 0408 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:19:50.0201 0408 BthEnum - ok
22:19:50.0218 0408 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:19:50.0220 0408 BTHMODEM - ok
22:19:50.0239 0408 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:19:50.0241 0408 BthPan - ok
22:19:50.0278 0408 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:19:50.0284 0408 BTHPORT - ok
22:19:50.0315 0408 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:19:50.0317 0408 bthserv - ok
22:19:50.0368 0408 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:19:50.0370 0408 BTHUSB - ok
22:19:50.0418 0408 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
22:19:50.0420 0408 btusbflt - ok
22:19:50.0447 0408 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:19:50.0449 0408 btwaudio - ok
22:19:50.0455 0408 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:19:50.0458 0408 btwavdt - ok
22:19:50.0518 0408 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
22:19:50.0523 0408 btwdins - ok
22:19:50.0553 0408 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:19:50.0554 0408 btwl2cap - ok
22:19:50.0586 0408 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:19:50.0587 0408 btwrchid - ok
22:19:50.0622 0408 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:19:50.0624 0408 cdfs - ok
22:19:50.0677 0408 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:19:50.0679 0408 cdrom - ok
22:19:50.0731 0408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:19:50.0733 0408 CertPropSvc - ok
22:19:50.0757 0408 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:19:50.0758 0408 circlass - ok
22:19:50.0788 0408 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:19:50.0792 0408 CLFS - ok
22:19:50.0848 0408 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:19:50.0850 0408 clr_optimization_v2.0.50727_32 - ok
22:19:50.0903 0408 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:19:50.0905 0408 clr_optimization_v2.0.50727_64 - ok
22:19:51.0023 0408 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:19:51.0026 0408 clr_optimization_v4.0.30319_32 - ok
22:19:51.0064 0408 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:19:51.0066 0408 clr_optimization_v4.0.30319_64 - ok
22:19:51.0096 0408 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:19:51.0097 0408 CmBatt - ok
22:19:51.0112 0408 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:19:51.0113 0408 cmdide - ok
22:19:51.0182 0408 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:19:51.0186 0408 CNG - ok
22:19:51.0222 0408 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:19:51.0223 0408 Compbatt - ok
22:19:51.0260 0408 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:19:51.0261 0408 CompositeBus - ok
22:19:51.0277 0408 COMSysApp - ok
22:19:51.0312 0408 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:19:51.0314 0408 crcdisk - ok
22:19:51.0369 0408 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:19:51.0371 0408 CryptSvc - ok
22:19:51.0434 0408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:19:51.0441 0408 DcomLaunch - ok
22:19:51.0482 0408 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:19:51.0487 0408 defragsvc - ok
22:19:51.0554 0408 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:19:51.0556 0408 DfsC - ok
22:19:51.0613 0408 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:19:51.0617 0408 Dhcp - ok
22:19:51.0671 0408 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:19:51.0672 0408 discache - ok
22:19:51.0691 0408 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:19:51.0693 0408 Disk - ok
22:19:51.0726 0408 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:19:51.0729 0408 Dnscache - ok
22:19:51.0787 0408 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:19:51.0791 0408 dot3svc - ok
22:19:51.0842 0408 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:19:51.0845 0408 DPS - ok
22:19:51.0875 0408 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:19:51.0876 0408 drmkaud - ok
22:19:51.0937 0408 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:19:51.0942 0408 DXGKrnl - ok
22:19:51.0970 0408 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:19:51.0973 0408 EapHost - ok
22:19:52.0057 0408 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:19:52.0126 0408 ebdrv - ok
22:19:52.0150 0408 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:19:52.0153 0408 EFS - ok
22:19:52.0213 0408 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:19:52.0221 0408 ehRecvr - ok
22:19:52.0262 0408 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:19:52.0264 0408 ehSched - ok
22:19:52.0306 0408 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:19:52.0311 0408 elxstor - ok
22:19:52.0349 0408 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:19:52.0350 0408 ErrDev - ok
22:19:52.0414 0408 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:19:52.0419 0408 EventSystem - ok
22:19:52.0508 0408 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:19:52.0522 0408 EvtEng - ok
22:19:52.0548 0408 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:19:52.0551 0408 exfat - ok
22:19:52.0583 0408 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:19:52.0586 0408 fastfat - ok
22:19:52.0649 0408 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:19:52.0658 0408 Fax - ok
22:19:52.0681 0408 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:19:52.0682 0408 fdc - ok
22:19:52.0706 0408 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:19:52.0709 0408 fdPHost - ok
22:19:52.0750 0408 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:19:52.0753 0408 FDResPub - ok
22:19:52.0782 0408 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:19:52.0783 0408 FileInfo - ok
22:19:52.0787 0408 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:19:52.0789 0408 Filetrace - ok
22:19:52.0808 0408 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:19:52.0809 0408 flpydisk - ok
22:19:52.0858 0408 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:19:52.0861 0408 FltMgr - ok
22:19:52.0917 0408 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:19:52.0929 0408 FontCache - ok
22:19:53.0037 0408 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:19:53.0038 0408 FontCache3.0.0.0 - ok
22:19:53.0066 0408 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:19:53.0068 0408 FsDepends - ok
22:19:53.0094 0408 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:19:53.0095 0408 Fs_Rec - ok
22:19:53.0141 0408 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:19:53.0143 0408 fvevol - ok
22:19:53.0190 0408 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:19:53.0191 0408 gagp30kx - ok
22:19:53.0247 0408 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:19:53.0256 0408 gpsvc - ok
22:19:53.0318 0408 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:19:53.0320 0408 gupdate - ok
22:19:53.0334 0408 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:19:53.0335 0408 gupdatem - ok
22:19:53.0388 0408 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:19:53.0389 0408 hcw85cir - ok
22:19:53.0456 0408 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:19:53.0460 0408 HdAudAddService - ok
22:19:53.0510 0408 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:19:53.0512 0408 HDAudBus - ok
22:19:53.0568 0408 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:19:53.0569 0408 HECIx64 - ok
22:19:53.0609 0408 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:19:53.0610 0408 HidBatt - ok
22:19:53.0625 0408 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:19:53.0627 0408 HidBth - ok
22:19:53.0645 0408 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:19:53.0646 0408 HidIr - ok
22:19:53.0678 0408 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:19:53.0680 0408 hidserv - ok
22:19:53.0735 0408 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:19:53.0737 0408 HidUsb - ok
22:19:53.0775 0408 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:19:53.0779 0408 hkmsvc - ok
22:19:53.0829 0408 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:19:53.0834 0408 HomeGroupListener - ok
22:19:53.0881 0408 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:19:53.0887 0408 HomeGroupProvider - ok
22:19:53.0920 0408 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:19:53.0922 0408 HpSAMD - ok
22:19:53.0988 0408 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:19:53.0996 0408 HTTP - ok
22:19:54.0030 0408 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:19:54.0031 0408 hwpolicy - ok
22:19:54.0076 0408 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:19:54.0078 0408 i8042prt - ok
22:19:54.0146 0408 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:19:54.0149 0408 iaStor - ok
22:19:54.0182 0408 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:19:54.0187 0408 iaStorV - ok
22:19:54.0233 0408 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
22:19:54.0234 0408 IBMPMDRV - ok
22:19:54.0247 0408 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
22:19:54.0250 0408 IBMPMSVC - ok
22:19:54.0312 0408 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:19:54.0321 0408 idsvc - ok
22:19:56.0098 0408 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:19:56.0565 0408 igfx - ok
22:19:56.0633 0408 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:19:56.0667 0408 iirsp - ok
22:19:56.0878 0408 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:19:56.0901 0408 IKEEXT - ok
22:19:57.0036 0408 [ C48567D80AD357613CD0EEADE18780AE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
22:19:57.0064 0408 Impcd - ok
22:19:57.0532 0408 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:19:57.0544 0408 IntcAzAudAddService - ok
22:19:57.0700 0408 [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:19:57.0742 0408 IntcDAud - ok
22:19:57.0790 0408 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:19:57.0804 0408 intelide - ok
22:19:57.0920 0408 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:19:57.0921 0408 intelppm - ok
22:19:57.0986 0408 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:19:58.0000 0408 IPBusEnum - ok
22:19:58.0048 0408 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:19:58.0086 0408 IpFilterDriver - ok
22:19:58.0247 0408 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:19:58.0299 0408 iphlpsvc - ok
22:19:58.0375 0408 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:19:58.0397 0408 IPMIDRV - ok
22:19:58.0484 0408 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:19:58.0499 0408 IPNAT - ok
22:19:58.0584 0408 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:19:58.0589 0408 IRENUM - ok
22:19:58.0681 0408 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:19:58.0700 0408 isapnp - ok
22:19:58.0777 0408 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:19:58.0788 0408 iScsiPrt - ok
22:19:58.0892 0408 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
22:19:58.0894 0408 IviRegMgr - ok
22:19:59.0033 0408 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:19:59.0035 0408 kbdclass - ok
22:19:59.0121 0408 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:19:59.0143 0408 kbdhid - ok
22:19:59.0173 0408 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:19:59.0175 0408 KeyIso - ok
22:19:59.0241 0408 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:19:59.0247 0408 KSecDD - ok
22:19:59.0317 0408 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:19:59.0320 0408 KSecPkg - ok
22:19:59.0408 0408 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:19:59.0420 0408 ksthunk - ok
22:19:59.0522 0408 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:19:59.0536 0408 KtmRm - ok
22:19:59.0675 0408 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:19:59.0694 0408 LanmanServer - ok
22:19:59.0744 0408 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:19:59.0760 0408 LanmanWorkstation - ok
22:19:59.0952 0408 [ 70481DABD9ADAB51A6933C5893B82925 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
22:19:59.0953 0408 LENOVO.CAMMUTE - ok
22:20:00.0105 0408 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
22:20:00.0106 0408 LENOVO.MICMUTE - ok
22:20:00.0127 0408 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
22:20:00.0128 0408 lenovo.smi - ok
22:20:00.0243 0408 [ D0DAF6A22037F6DEE706A095C647AA41 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
22:20:00.0244 0408 LENOVO.TPKNRSVC - ok
22:20:00.0341 0408 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:20:00.0353 0408 lltdio - ok
22:20:00.0451 0408 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:20:00.0475 0408 lltdsvc - ok
22:20:00.0512 0408 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:20:00.0528 0408 lmhosts - ok
22:20:00.0737 0408 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:20:00.0745 0408 LMS - ok
22:20:00.0812 0408 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:20:00.0829 0408 LSI_FC - ok
22:20:00.0865 0408 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:20:00.0885 0408 LSI_SAS - ok
22:20:00.0938 0408 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:20:00.0983 0408 LSI_SAS2 - ok
22:20:01.0082 0408 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:20:01.0095 0408 LSI_SCSI - ok
22:20:01.0200 0408 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:20:01.0222 0408 luafv - ok
22:20:01.0525 0408 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
22:20:01.0538 0408 McComponentHostService - ok
22:20:01.0598 0408 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:20:01.0609 0408 Mcx2Svc - ok
22:20:01.0668 0408 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:20:01.0681 0408 megasas - ok
22:20:01.0733 0408 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:20:01.0806 0408 MegaSR - ok
22:20:01.0872 0408 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:20:01.0887 0408 MMCSS - ok
22:20:01.0943 0408 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:20:01.0962 0408 Modem - ok
22:20:02.0044 0408 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:20:02.0045 0408 monitor - ok
22:20:02.0097 0408 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:20:02.0098 0408 mouclass - ok
22:20:02.0153 0408 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:20:02.0163 0408 mouhid - ok
22:20:02.0238 0408 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:20:02.0253 0408 mountmgr - ok
22:20:02.0405 0408 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:20:02.0419 0408 MozillaMaintenance - ok
22:20:02.0482 0408 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:20:02.0485 0408 mpio - ok
22:20:02.0523 0408 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:20:02.0550 0408 mpsdrv - ok
22:20:02.0706 0408 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:20:02.0728 0408 MpsSvc - ok
22:20:02.0792 0408 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:20:02.0803 0408 MRxDAV - ok
22:20:02.0882 0408 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:20:02.0888 0408 mrxsmb - ok
22:20:03.0065 0408 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:20:03.0259 0408 mrxsmb10 - ok
22:20:03.0483 0408 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:20:03.0488 0408 mrxsmb20 - ok
22:20:03.0525 0408 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:20:03.0526 0408 msahci - ok
22:20:03.0617 0408 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:20:03.0653 0408 msdsm - ok
22:20:03.0713 0408 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:20:03.0756 0408 MSDTC - ok
22:20:03.0851 0408 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:20:03.0868 0408 Msfs - ok
22:20:03.0911 0408 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:20:03.0917 0408 mshidkmdf - ok
22:20:03.0968 0408 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:20:03.0969 0408 msisadrv - ok
22:20:04.0055 0408 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:20:04.0064 0408 MSiSCSI - ok
22:20:04.0068 0408 msiserver - ok
22:20:04.0140 0408 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:20:04.0141 0408 MSKSSRV - ok
22:20:04.0197 0408 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:20:04.0219 0408 MSPCLOCK - ok
22:20:04.0268 0408 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:20:04.0277 0408 MSPQM - ok
22:20:04.0635 0408 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:20:04.0641 0408 MsRPC - ok
22:20:04.0697 0408 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:20:04.0698 0408 mssmbios - ok
22:20:04.0848 0408 MSSQL$MSSMLBIZ - ok
22:20:04.0918 0408 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
22:20:04.0921 0408 MSSQLServerADHelper - ok
22:20:04.0959 0408 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:20:04.0962 0408 MSTEE - ok
22:20:04.0998 0408 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:20:05.0000 0408 MTConfig - ok
22:20:05.0041 0408 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:20:05.0042 0408 Mup - ok
22:20:05.0137 0408 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:20:05.0155 0408 napagent - ok
22:20:05.0194 0408 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:20:05.0198 0408 NativeWifiP - ok
22:20:05.0292 0408 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:20:05.0302 0408 NDIS - ok
22:20:05.0336 0408 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:20:05.0338 0408 NdisCap - ok
22:20:05.0369 0408 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:20:05.0370 0408 NdisTapi - ok
22:20:05.0410 0408 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:20:05.0412 0408 Ndisuio - ok
22:20:05.0485 0408 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:20:05.0487 0408 NdisWan - ok
22:20:05.0547 0408 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:20:05.0566 0408 NDProxy - ok
22:20:05.0657 0408 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:20:05.0671 0408 NetBIOS - ok
22:20:05.0705 0408 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:20:05.0726 0408 NetBT - ok
22:20:05.0752 0408 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:20:05.0755 0408 Netlogon - ok
22:20:05.0810 0408 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:20:05.0817 0408 Netman - ok
22:20:05.0839 0408 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:20:05.0847 0408 netprofm - ok
22:20:05.0870 0408 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:20:05.0873 0408 NetTcpPortSharing - ok
22:20:06.0307 0408 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
22:20:06.0568 0408 NETw5s64 - ok
22:20:06.0744 0408 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
22:20:07.0047 0408 netw5v64 - ok
22:20:07.0099 0408 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:20:07.0101 0408 nfrd960 - ok
22:20:07.0154 0408 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:20:07.0161 0408 NlaSvc - ok
22:20:07.0184 0408 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:20:07.0186 0408 Npfs - ok
22:20:07.0205 0408 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:20:07.0208 0408 nsi - ok
22:20:07.0225 0408 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:20:07.0226 0408 nsiproxy - ok
22:20:07.0297 0408 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:20:07.0315 0408 Ntfs - ok
22:20:07.0325 0408 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:20:07.0326 0408 Null - ok
22:20:07.0379 0408 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:20:07.0382 0408 nvraid - ok
22:20:07.0401 0408 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:20:07.0404 0408 nvstor - ok
22:20:07.0448 0408 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:20:07.0450 0408 nv_agp - ok
22:20:07.0547 0408 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:20:07.0552 0408 odserv - ok
22:20:07.0584 0408 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:20:07.0587 0408 ohci1394 - ok
22:20:07.0621 0408 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:20:07.0623 0408 ose - ok
22:20:07.0684 0408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:20:07.0690 0408 p2pimsvc - ok
22:20:07.0720 0408 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:20:07.0728 0408 p2psvc - ok
22:20:07.0765 0408 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:20:07.0767 0408 Parport - ok
22:20:07.0797 0408 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:20:07.0799 0408 partmgr - ok
22:20:07.0829 0408 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:20:07.0834 0408 PcaSvc - ok
22:20:07.0886 0408 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:20:07.0889 0408 pci - ok
22:20:07.0910 0408 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:20:07.0911 0408 pciide - ok
22:20:07.0944 0408 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:20:07.0947 0408 pcmcia - ok
22:20:07.0968 0408 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:20:07.0969 0408 pcw - ok
22:20:07.0998 0408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:20:08.0005 0408 PEAUTH - ok
22:20:08.0061 0408 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:20:08.0065 0408 PerfHost - ok
22:20:08.0133 0408 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:20:08.0150 0408 pla - ok
22:20:08.0211 0408 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:20:08.0218 0408 PlugPlay - ok
22:20:08.0248 0408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:20:08.0252 0408 PNRPAutoReg - ok
22:20:08.0272 0408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:20:08.0278 0408 PNRPsvc - ok
22:20:08.0327 0408 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:20:08.0334 0408 PolicyAgent - ok
22:20:08.0417 0408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:20:08.0421 0408 Power - ok
22:20:08.0474 0408 [ 0B6590C8E9B12CD7EDC7BB7311EFBB30 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
22:20:08.0476 0408 Power Manager DBC Service - ok
22:20:08.0523 0408 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:20:08.0525 0408 PptpMiniport - ok
22:20:08.0555 0408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:20:08.0556 0408 Processor - ok
22:20:08.0597 0408 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:20:08.0602 0408 ProfSvc - ok
22:20:08.0618 0408 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:20:08.0621 0408 ProtectedStorage - ok
22:20:08.0642 0408 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
22:20:08.0643 0408 psadd - ok
22:20:08.0690 0408 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:20:08.0692 0408 Psched - ok
22:20:08.0749 0408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:20:08.0764 0408 ql2300 - ok
22:20:08.0783 0408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:20:08.0785 0408 ql40xx - ok
22:20:08.0821 0408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:20:08.0826 0408 QWAVE - ok
22:20:08.0860 0408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:20:08.0861 0408 QWAVEdrv - ok
22:20:08.0876 0408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:20:08.0877 0408 RasAcd - ok
22:20:08.0907 0408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:20:08.0908 0408 RasAgileVpn - ok
22:20:08.0929 0408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:20:08.0934 0408 RasAuto - ok
22:20:08.0974 0408 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:20:08.0976 0408 Rasl2tp - ok
22:20:09.0013 0408 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:20:09.0019 0408 RasMan - ok
22:20:09.0047 0408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:20:09.0049 0408 RasPppoe - ok
22:20:09.0059 0408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:20:09.0061 0408 RasSstp - ok
22:20:09.0110 0408 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:20:09.0113 0408 rdbss - ok
22:20:09.0123 0408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:20:09.0125 0408 rdpbus - ok
22:20:09.0140 0408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:20:09.0142 0408 RDPCDD - ok
22:20:09.0166 0408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:20:09.0167 0408 RDPENCDD - ok
22:20:09.0193 0408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:20:09.0195 0408 RDPREFMP - ok
22:20:09.0230 0408 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:20:09.0233 0408 RDPWD - ok
22:20:09.0293 0408 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:20:09.0296 0408 rdyboost - ok
22:20:09.0375 0408 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:20:09.0380 0408 RegSrvc - ok
22:20:09.0411 0408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:20:09.0414 0408 RemoteAccess - ok
22:20:09.0448 0408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:20:09.0454 0408 RemoteRegistry - ok
22:20:09.0506 0408 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:20:09.0509 0408 RFCOMM - ok
22:20:09.0542 0408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:20:09.0545 0408 RpcEptMapper - ok
22:20:09.0564 0408 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:20:09.0567 0408 RpcLocator - ok
22:20:09.0613 0408 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:20:09.0620 0408 RpcSs - ok
22:20:09.0648 0408 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:20:09.0662 0408 rspndr - ok
22:20:09.0735 0408 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:20:09.0737 0408 RSUSBSTOR - ok
22:20:09.0776 0408 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:20:09.0780 0408 RTL8167 - ok
22:20:09.0796 0408 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:20:09.0799 0408 SamSs - ok
22:20:09.0840 0408 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:20:09.0842 0408 sbp2port - ok
22:20:09.0877 0408 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:20:09.0882 0408 SCardSvr - ok
22:20:09.0917 0408 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:20:09.0918 0408 scfilter - ok
22:20:09.0971 0408 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:20:09.0985 0408 Schedule - ok
22:20:10.0022 0408 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:20:10.0023 0408 SCPolicySvc - ok
22:20:10.0070 0408 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
22:20:10.0072 0408 sdbus - ok
22:20:10.0095 0408 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:20:10.0099 0408 SDRSVC - ok
22:20:10.0125 0408 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:20:10.0126 0408 secdrv - ok
22:20:10.0166 0408 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:20:10.0170 0408 seclogon - ok
22:20:10.0190 0408 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:20:10.0194 0408 SENS - ok
22:20:10.0213 0408 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:20:10.0227 0408 SensrSvc - ok
22:20:10.0287 0408 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:20:10.0304 0408 Serenum - ok
22:20:10.0360 0408 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:20:10.0372 0408 Serial - ok
22:20:10.0417 0408 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:20:10.0431 0408 sermouse - ok
22:20:10.0483 0408 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:20:10.0503 0408 SessionEnv - ok
22:20:10.0560 0408 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:20:10.0578 0408 sffdisk - ok
22:20:10.0603 0408 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:20:10.0604 0408 sffp_mmc - ok
22:20:10.0617 0408 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:20:10.0620 0408 sffp_sd - ok
22:20:10.0647 0408 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:20:10.0648 0408 sfloppy - ok
22:20:10.0680 0408 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:20:10.0686 0408 SharedAccess - ok
22:20:10.0733 0408 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:20:10.0740 0408 ShellHWDetection - ok
22:20:10.0782 0408 [ C45942985943FC4AB8A7EA7A92F29C00 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
22:20:10.0784 0408 Shockprf - ok
22:20:10.0820 0408 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:20:10.0822 0408 SiSRaid2 - ok
22:20:10.0841 0408 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:20:10.0843 0408 SiSRaid4 - ok
22:20:10.0905 0408 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:20:10.0908 0408 SkypeUpdate - ok
22:20:10.0932 0408 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:20:10.0943 0408 Smb - ok
22:20:11.0010 0408 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:20:11.0014 0408 SNMPTRAP - ok
22:20:11.0055 0408 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:20:11.0057 0408 spldr - ok
22:20:11.0099 0408 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:20:11.0108 0408 Spooler - ok
22:20:11.0215 0408 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:20:11.0294 0408 sppsvc - ok
22:20:11.0335 0408 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:20:11.0339 0408 sppuinotify - ok
22:20:11.0371 0408 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:20:11.0374 0408 SQLBrowser - ok
22:20:11.0424 0408 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:20:11.0427 0408 SQLWriter - ok
22:20:11.0480 0408 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:20:11.0486 0408 srv - ok
22:20:11.0509 0408 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:20:11.0514 0408 srv2 - ok
22:20:11.0544 0408 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:20:11.0548 0408 SrvHsfHDA - ok
22:20:11.0605 0408 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:20:11.0620 0408 SrvHsfV92 - ok
22:20:11.0651 0408 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:20:11.0660 0408 SrvHsfWinac - ok
22:20:11.0694 0408 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:20:11.0697 0408 srvnet - ok
22:20:11.0734 0408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:20:11.0739 0408 SSDPSRV - ok
22:20:11.0756 0408 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:20:11.0760 0408 SstpSvc - ok
22:20:11.0795 0408 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:20:11.0796 0408 stexstor - ok
22:20:11.0853 0408 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:20:11.0863 0408 stisvc - ok
22:20:11.0923 0408 [ F3C73E650F1CD3289F38E62CCC325A66 ] SUService c:\Program Files (x86)\Lenovo\System Update\SUService.exe
22:20:11.0924 0408 SUService - ok
22:20:11.0954 0408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:20:11.0955 0408 swenum - ok
22:20:11.0990 0408 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:20:11.0999 0408 swprv - ok
22:20:12.0039 0408 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:20:12.0042 0408 SynTP - ok
22:20:12.0106 0408 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:20:12.0127 0408 SysMain - ok
22:20:12.0181 0408 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:20:12.0185 0408 TabletInputService - ok
22:20:12.0206 0408 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:20:12.0214 0408 TapiSrv - ok
22:20:12.0250 0408 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:20:12.0255 0408 TBS - ok
22:20:12.0373 0408 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:20:12.0393 0408 Tcpip - ok
22:20:12.0429 0408 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:20:12.0440 0408 TCPIP6 - ok
22:20:12.0481 0408 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:20:12.0482 0408 tcpipreg - ok
22:20:12.0523 0408 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:20:12.0524 0408 TDPIPE - ok
22:20:12.0555 0408 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:20:12.0557 0408 TDTCP - ok
22:20:12.0600 0408 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:20:12.0603 0408 tdx - ok
22:20:12.0644 0408 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:20:12.0646 0408 TermDD - ok
22:20:12.0673 0408 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:20:12.0683 0408 TermService - ok
22:20:12.0715 0408 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:20:12.0720 0408 Themes - ok
22:20:12.0772 0408 [ 39AC444E07FDBD8C2E8E291A65D515D3 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
22:20:12.0779 0408 ThinkVantage Registry Monitor Service - ok
22:20:12.0806 0408 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:20:12.0809 0408 THREADORDER - ok
22:20:12.0819 0408 [ 6DB3FAE611554DC373E266ED50111B1C ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
22:20:12.0820 0408 TPDIGIMN - ok
22:20:12.0858 0408 [ 47D2009FDC682833EE03B6DCBA23FDD2 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
22:20:12.0863 0408 TPHDEXLGSVC - ok
22:20:12.0930 0408 [ 2CF225E19490F499528B926263FE4554 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
22:20:12.0932 0408 TPHKSVC - ok
22:20:12.0967 0408 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
22:20:12.0970 0408 TPM - ok
22:20:13.0019 0408 [ 2C067E01D6BBCCC88B233B868E210907 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
22:20:13.0020 0408 TPPWRIF - ok
22:20:13.0062 0408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:20:13.0067 0408 TrkWks - ok
22:20:13.0136 0408 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:20:13.0139 0408 TrustedInstaller - ok
22:20:13.0185 0408 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:20:13.0187 0408 tssecsrv - ok
22:20:13.0241 0408 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:20:13.0243 0408 TsUsbFlt - ok
22:20:13.0303 0408 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:20:13.0305 0408 tunnel - ok
22:20:13.0344 0408 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
22:20:13.0345 0408 TurboB - ok
22:20:13.0392 0408 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:20:13.0394 0408 TurboBoost - ok
22:20:13.0471 0408 [ B56DA1AA776C15043D10F82B32AA000D ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
22:20:13.0486 0408 TVT Backup Service - ok
22:20:13.0512 0408 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:20:13.0514 0408 uagp35 - ok
22:20:13.0563 0408 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:20:13.0567 0408 udfs - ok
22:20:13.0614 0408 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:20:13.0618 0408 UI0Detect - ok
22:20:13.0636 0408 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:20:13.0638 0408 uliagpkx - ok
22:20:13.0676 0408 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:20:13.0678 0408 umbus - ok
22:20:13.0701 0408 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:20:13.0702 0408 UmPass - ok
22:20:13.0785 0408 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:20:13.0808 0408 UNS - ok
22:20:13.0837 0408 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:20:13.0843 0408 upnphost - ok
22:20:13.0886 0408 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:20:13.0888 0408 usbccgp - ok
22:20:13.0937 0408 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:20:13.0939 0408 usbcir - ok
22:20:13.0978 0408 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:20:13.0979 0408 usbehci - ok
22:20:14.0017 0408 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:20:14.0022 0408 usbhub - ok
22:20:14.0064 0408 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:20:14.0066 0408 usbohci - ok
22:20:14.0089 0408 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:20:14.0091 0408 usbprint - ok
22:20:14.0118 0408 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:20:14.0120 0408 usbscan - ok
22:20:14.0160 0408 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:20:14.0162 0408 USBSTOR - ok
22:20:14.0208 0408 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:20:14.0210 0408 usbuhci - ok
22:20:14.0243 0408 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:20:14.0246 0408 usbvideo - ok
22:20:14.0285 0408 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:20:14.0291 0408 UxSms - ok
22:20:14.0319 0408 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:20:14.0322 0408 VaultSvc - ok
22:20:14.0368 0408 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:20:14.0370 0408 vdrvroot - ok
22:20:14.0423 0408 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:20:14.0431 0408 vds - ok
22:20:14.0463 0408 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:20:14.0464 0408 vga - ok
22:20:14.0488 0408 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:20:14.0490 0408 VgaSave - ok
22:20:14.0549 0408 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:20:14.0552 0408 vhdmp - ok
22:20:14.0580 0408 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:20:14.0582 0408 viaide - ok
22:20:14.0619 0408 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:20:14.0620 0408 volmgr - ok
22:20:14.0664 0408 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:20:14.0668 0408 volmgrx - ok
22:20:14.0694 0408 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:20:14.0698 0408 volsnap - ok
22:20:14.0731 0408 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:20:14.0734 0408 vsmraid - ok
22:20:14.0804 0408 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:20:14.0824 0408 VSS - ok
22:20:14.0868 0408 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:20:14.0869 0408 vwifibus - ok
22:20:14.0902 0408 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:20:14.0904 0408 vwififlt - ok
22:20:14.0930 0408 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:20:14.0945 0408 vwifimp - ok
22:20:14.0986 0408 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:20:14.0994 0408 W32Time - ok

Rike1984 21.02.2013 18:50
Report Teil 2:

22:20:15.0021 0408 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:20:15.0023 0408 WacomPen - ok
22:20:15.0083 0408 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:20:15.0085 0408 WANARP - ok
22:20:15.0114 0408 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:20:15.0116 0408 Wanarpv6 - ok
22:20:15.0198 0408 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:20:15.0212 0408 WatAdminSvc - ok
22:20:15.0265 0408 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:20:15.0284 0408 wbengine - ok
22:20:15.0326 0408 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:20:15.0331 0408 WbioSrvc - ok
22:20:15.0373 0408 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:20:15.0383 0408 wcncsvc - ok
22:20:15.0401 0408 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:20:15.0406 0408 WcsPlugInService - ok
22:20:15.0464 0408 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:20:15.0466 0408 Wd - ok
22:20:15.0523 0408 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:20:15.0531 0408 Wdf01000 - ok
22:20:15.0550 0408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:20:15.0555 0408 WdiServiceHost - ok
22:20:15.0559 0408 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:20:15.0564 0408 WdiSystemHost - ok
22:20:15.0607 0408 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:20:15.0614 0408 WebClient - ok
22:20:15.0648 0408 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:20:15.0654 0408 Wecsvc - ok
22:20:15.0687 0408 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:20:15.0693 0408 wercplsupport - ok
22:20:15.0724 0408 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:20:15.0730 0408 WerSvc - ok
22:20:15.0797 0408 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:20:15.0798 0408 WfpLwf - ok
22:20:15.0844 0408 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:20:15.0846 0408 WIMMount - ok
22:20:15.0897 0408 WinDefend - ok
22:20:15.0904 0408 WinHttpAutoProxySvc - ok
22:20:15.0981 0408 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:20:15.0984 0408 Winmgmt - ok
22:20:16.0063 0408 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:20:16.0087 0408 WinRM - ok
22:20:16.0169 0408 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:20:16.0170 0408 WinUsb - ok
22:20:16.0213 0408 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:20:16.0226 0408 Wlansvc - ok
22:20:16.0265 0408 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:20:16.0267 0408 WmiAcpi - ok
22:20:16.0288 0408 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:20:16.0292 0408 wmiApSrv - ok
22:20:16.0348 0408 WMPNetworkSvc - ok
22:20:16.0366 0408 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:20:16.0371 0408 WPCSvc - ok
22:20:16.0418 0408 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:20:16.0423 0408 WPDBusEnum - ok
22:20:16.0448 0408 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:20:16.0450 0408 ws2ifsl - ok
22:20:16.0467 0408 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:20:16.0473 0408 wscsvc - ok
22:20:16.0477 0408 WSearch - ok
22:20:16.0572 0408 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:20:16.0599 0408 wuauserv - ok
22:20:16.0646 0408 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:20:16.0648 0408 WudfPf - ok
22:20:16.0678 0408 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:20:16.0682 0408 WUDFRd - ok
22:20:16.0701 0408 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:20:16.0706 0408 wudfsvc - ok
22:20:16.0747 0408 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:20:16.0753 0408 WwanSvc - ok
22:20:16.0796 0408 ================ Scan global ===============================
22:20:16.0815 0408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:20:16.0862 0408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:20:16.0872 0408 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:20:16.0894 0408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:20:16.0971 0408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:20:16.0978 0408 [Global] - ok
22:20:16.0979 0408 ================ Scan MBR ==================================
22:20:16.0995 0408 [ 2359660F8D5E1B418E3B1C780E1E0EA3 ] \Device\Harddisk0\DR0
22:20:17.0207 0408 \Device\Harddisk0\DR0 - ok
22:20:17.0208 0408 ================ Scan VBR ==================================
22:20:17.0210 0408 [ D2861C4F45152A3F727966D2D1352AA0 ] \Device\Harddisk0\DR0\Partition1
22:20:17.0212 0408 \Device\Harddisk0\DR0\Partition1 - ok
22:20:17.0234 0408 [ E3A238BFFBBDB1166ED9173CCDC18BA8 ] \Device\Harddisk0\DR0\Partition2
22:20:17.0236 0408 \Device\Harddisk0\DR0\Partition2 - ok
22:20:17.0265 0408 [ EA0CB6B32F3085BAE7E30AE03B4A3C93 ] \Device\Harddisk0\DR0\Partition3
22:20:17.0267 0408 \Device\Harddisk0\DR0\Partition3 - ok
22:20:17.0267 0408 ============================================================
22:20:17.0267 0408 Scan finished
22:20:17.0267 0408 ============================================================
22:20:17.0281 0540 Detected object count: 1
22:20:17.0281 0540 Actual detected object count: 1
22:21:10.0662 0540 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:21:10.0662 0540 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:21:31.0277 4968 ============================================================
22:21:31.0277 4968 Scan started
22:21:31.0277 4968 Mode: Manual;
22:21:31.0277 4968 ============================================================
22:21:31.0511 4968 ================ Scan system memory ========================
22:21:31.0511 4968 System memory - ok
22:21:31.0511 4968 ================ Scan services =============================
22:21:31.0684 4968 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:21:31.0686 4968 1394ohci - ok
22:21:31.0726 4968 [ 7D497701BDA1267AD5F86350925D2F10 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
22:21:31.0727 4968 5U877 - ok
22:21:31.0782 4968 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:21:31.0784 4968 ACPI - ok
22:21:31.0815 4968 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:21:31.0816 4968 AcpiPmi - ok
22:21:31.0886 4968 [ CF2D68C16C7BE8D037DDD1BFA6E9C965 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
22:21:31.0887 4968 AcPrfMgrSvc - ok
22:21:31.0917 4968 [ B5060FE4AA0A074779C7B11AE7DB9D48 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
22:21:31.0919 4968 AcSvc - ok
22:21:31.0976 4968 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:21:31.0976 4968 AdobeARMservice - ok
22:21:32.0098 4968 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:21:32.0099 4968 AdobeFlashPlayerUpdateSvc - ok
22:21:32.0151 4968 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:21:32.0154 4968 adp94xx - ok
22:21:32.0175 4968 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:21:32.0178 4968 adpahci - ok
22:21:32.0203 4968 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:21:32.0204 4968 adpu320 - ok
22:21:32.0250 4968 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:21:32.0251 4968 AeLookupSvc - ok
22:21:32.0305 4968 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:21:32.0308 4968 AFD - ok
22:21:32.0350 4968 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:21:32.0351 4968 agp440 - ok
22:21:32.0506 4968 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
22:21:32.0506 4968 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:21:32.0513 4968 Akamai ( HiddenFile.Multi.Generic ) - warning
22:21:32.0513 4968 Akamai - detected HiddenFile.Multi.Generic (1)
22:21:32.0549 4968 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:21:32.0550 4968 ALG - ok
22:21:32.0584 4968 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:21:32.0584 4968 aliide - ok
22:21:32.0595 4968 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:21:32.0596 4968 amdide - ok
22:21:32.0623 4968 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:21:32.0624 4968 AmdK8 - ok
22:21:32.0629 4968 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:21:32.0630 4968 AmdPPM - ok
22:21:32.0672 4968 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:21:32.0673 4968 amdsata - ok
22:21:32.0687 4968 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:21:32.0689 4968 amdsbs - ok
22:21:32.0736 4968 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:21:32.0736 4968 amdxata - ok
22:21:32.0754 4968 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
22:21:32.0755 4968 Andbus - ok
22:21:32.0766 4968 [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys
22:21:32.0767 4968 AndDiag - ok
22:21:32.0792 4968 [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys
22:21:32.0793 4968 AndGps - ok
22:21:32.0817 4968 [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys
22:21:32.0818 4968 ANDModem - ok
22:21:32.0847 4968 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:21:32.0847 4968 AppID - ok
22:21:32.0866 4968 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:21:32.0867 4968 AppIDSvc - ok
22:21:32.0911 4968 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:21:32.0912 4968 Appinfo - ok
22:21:32.0936 4968 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:21:32.0937 4968 arc - ok
22:21:32.0948 4968 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:21:32.0949 4968 arcsas - ok
22:21:32.0996 4968 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:21:32.0997 4968 aswFsBlk - ok
22:21:33.0044 4968 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:21:33.0045 4968 aswMonFlt - ok
22:21:33.0065 4968 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:21:33.0066 4968 aswRdr - ok
22:21:33.0107 4968 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:21:33.0112 4968 aswSnx - ok
22:21:33.0139 4968 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:21:33.0142 4968 aswSP - ok
22:21:33.0165 4968 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:21:33.0166 4968 aswTdi - ok
22:21:33.0195 4968 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:21:33.0196 4968 AsyncMac - ok
22:21:33.0229 4968 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:21:33.0229 4968 atapi - ok
22:21:33.0282 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:21:33.0286 4968 AudioEndpointBuilder - ok
22:21:33.0296 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:21:33.0300 4968 AudioSrv - ok
22:21:33.0398 4968 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:21:33.0399 4968 avast! Antivirus - ok
22:21:33.0436 4968 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:21:33.0438 4968 AxInstSV - ok
22:21:33.0471 4968 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:21:33.0473 4968 b06bdrv - ok
22:21:33.0489 4968 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:21:33.0491 4968 b57nd60a - ok
22:21:33.0558 4968 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:21:33.0559 4968 BBSvc - ok
22:21:33.0602 4968 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:21:33.0604 4968 BBUpdate - ok
22:21:33.0654 4968 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
22:21:33.0655 4968 BcmSqlStartupSvc - ok
22:21:33.0690 4968 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:21:33.0691 4968 BDESVC - ok
22:21:33.0718 4968 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:21:33.0718 4968 Beep - ok
22:21:33.0772 4968 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:21:33.0776 4968 BFE - ok
22:21:33.0808 4968 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:21:33.0815 4968 BITS - ok
22:21:33.0844 4968 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:21:33.0845 4968 blbdrive - ok
22:21:33.0870 4968 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:21:33.0870 4968 bowser - ok
22:21:33.0887 4968 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:21:33.0888 4968 BrFiltLo - ok
22:21:33.0914 4968 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:21:33.0915 4968 BrFiltUp - ok
22:21:33.0957 4968 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:21:33.0959 4968 Browser - ok
22:21:34.0012 4968 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:21:34.0014 4968 Brserid - ok
22:21:34.0061 4968 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:21:34.0062 4968 BrSerWdm - ok
22:21:34.0070 4968 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:21:34.0070 4968 BrUsbMdm - ok
22:21:34.0074 4968 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:21:34.0075 4968 BrUsbSer - ok
22:21:34.0130 4968 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:21:34.0131 4968 BthEnum - ok
22:21:34.0149 4968 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:21:34.0150 4968 BTHMODEM - ok
22:21:34.0170 4968 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:21:34.0171 4968 BthPan - ok
22:21:34.0198 4968 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:21:34.0201 4968 BTHPORT - ok
22:21:34.0235 4968 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:21:34.0236 4968 bthserv - ok
22:21:34.0266 4968 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:21:34.0266 4968 BTHUSB - ok
22:21:34.0294 4968 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
22:21:34.0295 4968 btusbflt - ok
22:21:34.0311 4968 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
22:21:34.0312 4968 btwaudio - ok
22:21:34.0317 4968 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
22:21:34.0319 4968 btwavdt - ok
22:21:34.0382 4968 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
22:21:34.0387 4968 btwdins - ok
22:21:34.0391 4968 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
22:21:34.0392 4968 btwl2cap - ok
22:21:34.0406 4968 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
22:21:34.0406 4968 btwrchid - ok
22:21:34.0419 4968 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:21:34.0420 4968 cdfs - ok
22:21:34.0452 4968 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:21:34.0453 4968 cdrom - ok
22:21:34.0496 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:21:34.0497 4968 CertPropSvc - ok
22:21:34.0521 4968 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:21:34.0522 4968 circlass - ok
22:21:34.0552 4968 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:21:34.0555 4968 CLFS - ok
22:21:34.0623 4968 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:21:34.0624 4968 clr_optimization_v2.0.50727_32 - ok
22:21:34.0689 4968 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:21:34.0690 4968 clr_optimization_v2.0.50727_64 - ok
22:21:34.0765 4968 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:21:34.0767 4968 clr_optimization_v4.0.30319_32 - ok
22:21:34.0806 4968 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:21:34.0807 4968 clr_optimization_v4.0.30319_64 - ok
22:21:34.0838 4968 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:21:34.0838 4968 CmBatt - ok
22:21:34.0854 4968 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:21:34.0854 4968 cmdide - ok
22:21:34.0913 4968 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:21:34.0915 4968 CNG - ok
22:21:34.0942 4968 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:21:34.0943 4968 Compbatt - ok
22:21:34.0980 4968 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:21:34.0981 4968 CompositeBus - ok
22:21:34.0986 4968 COMSysApp - ok
22:21:34.0999 4968 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:21:35.0000 4968 crcdisk - ok
22:21:35.0044 4968 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:21:35.0046 4968 CryptSvc - ok
22:21:35.0098 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:21:35.0103 4968 DcomLaunch - ok
22:21:35.0135 4968 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:21:35.0138 4968 defragsvc - ok
22:21:35.0174 4968 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:21:35.0175 4968 DfsC - ok
22:21:35.0188 4968 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:21:35.0191 4968 Dhcp - ok
22:21:35.0224 4968 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:21:35.0225 4968 discache - ok
22:21:35.0233 4968 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:21:35.0235 4968 Disk - ok
22:21:35.0268 4968 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:21:35.0270 4968 Dnscache - ok
22:21:35.0318 4968 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:21:35.0320 4968 dot3svc - ok
22:21:35.0349 4968 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:21:35.0351 4968 DPS - ok
22:21:35.0362 4968 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:21:35.0362 4968 drmkaud - ok
22:21:35.0423 4968 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:21:35.0429 4968 DXGKrnl - ok
22:21:35.0457 4968 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:21:35.0459 4968 EapHost - ok
22:21:35.0542 4968 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:21:35.0559 4968 ebdrv - ok
22:21:35.0581 4968 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:21:35.0583 4968 EFS - ok
22:21:35.0644 4968 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:21:35.0648 4968 ehRecvr - ok
22:21:35.0682 4968 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:21:35.0683 4968 ehSched - ok
22:21:35.0714 4968 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:21:35.0717 4968 elxstor - ok
22:21:35.0758 4968 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:21:35.0758 4968 ErrDev - ok
22:21:35.0789 4968 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:21:35.0792 4968 EventSystem - ok
22:21:35.0862 4968 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:21:35.0869 4968 EvtEng - ok
22:21:35.0890 4968 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:21:35.0892 4968 exfat - ok
22:21:35.0945 4968 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:21:35.0946 4968 fastfat - ok
22:21:35.0991 4968 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:21:35.0997 4968 Fax - ok
22:21:36.0012 4968 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:21:36.0013 4968 fdc - ok
22:21:36.0037 4968 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:21:36.0039 4968 fdPHost - ok
22:21:36.0048 4968 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:21:36.0049 4968 FDResPub - ok
22:21:36.0079 4968 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:21:36.0080 4968 FileInfo - ok
22:21:36.0087 4968 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:21:36.0088 4968 Filetrace - ok
22:21:36.0106 4968 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:21:36.0106 4968 flpydisk - ok
22:21:36.0144 4968 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:21:36.0146 4968 FltMgr - ok
22:21:36.0203 4968 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:21:36.0210 4968 FontCache - ok
22:21:36.0268 4968 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:21:36.0269 4968 FontCache3.0.0.0 - ok
22:21:36.0297 4968 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:21:36.0298 4968 FsDepends - ok
22:21:36.0325 4968 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:21:36.0326 4968 Fs_Rec - ok
22:21:36.0372 4968 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:21:36.0373 4968 fvevol - ok
22:21:36.0398 4968 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:21:36.0399 4968 gagp30kx - ok
22:21:36.0455 4968 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:21:36.0460 4968 gpsvc - ok
22:21:36.0527 4968 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:21:36.0528 4968 gupdate - ok
22:21:36.0532 4968 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:21:36.0534 4968 gupdatem - ok
22:21:36.0586 4968 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:21:36.0586 4968 hcw85cir - ok
22:21:36.0620 4968 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:21:36.0623 4968 HdAudAddService - ok
22:21:36.0663 4968 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:21:36.0664 4968 HDAudBus - ok
22:21:36.0699 4968 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:21:36.0700 4968 HECIx64 - ok
22:21:36.0704 4968 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:21:36.0705 4968 HidBatt - ok
22:21:36.0733 4968 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:21:36.0734 4968 HidBth - ok
22:21:36.0743 4968 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:21:36.0743 4968 HidIr - ok
22:21:36.0776 4968 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:21:36.0777 4968 hidserv - ok
22:21:36.0798 4968 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:21:36.0799 4968 HidUsb - ok
22:21:36.0839 4968 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:21:36.0842 4968 hkmsvc - ok
22:21:36.0882 4968 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:21:36.0885 4968 HomeGroupListener - ok
22:21:36.0934 4968 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:21:36.0938 4968 HomeGroupProvider - ok
22:21:36.0974 4968 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:21:36.0974 4968 HpSAMD - ok
22:21:37.0030 4968 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:21:37.0034 4968 HTTP - ok
22:21:37.0083 4968 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:21:37.0084 4968 hwpolicy - ok
22:21:37.0118 4968 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:21:37.0120 4968 i8042prt - ok
22:21:37.0155 4968 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:21:37.0157 4968 iaStor - ok
22:21:37.0180 4968 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:21:37.0182 4968 iaStorV - ok
22:21:37.0208 4968 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
22:21:37.0209 4968 IBMPMDRV - ok
22:21:37.0223 4968 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
22:21:37.0225 4968 IBMPMSVC - ok
22:21:37.0287 4968 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:21:37.0292 4968 idsvc - ok
22:21:37.0546 4968 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:21:37.0614 4968 igfx - ok
22:21:37.0719 4968 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:21:37.0720 4968 iirsp - ok
22:21:37.0780 4968 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:21:37.0787 4968 IKEEXT - ok
22:21:37.0798 4968 [ C48567D80AD357613CD0EEADE18780AE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
22:21:37.0799 4968 Impcd - ok
22:21:37.0863 4968 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:21:37.0876 4968 IntcAzAudAddService - ok
22:21:37.0909 4968 [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:21:37.0911 4968 IntcDAud - ok
22:21:37.0954 4968 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:21:37.0955 4968 intelide - ok
22:21:37.0995 4968 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:21:37.0996 4968 intelppm - ok
22:21:38.0017 4968 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:21:38.0020 4968 IPBusEnum - ok
22:21:38.0068 4968 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:21:38.0069 4968 IpFilterDriver - ok
22:21:38.0118 4968 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:21:38.0122 4968 iphlpsvc - ok
22:21:38.0161 4968 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:21:38.0162 4968 IPMIDRV - ok
22:21:38.0193 4968 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:21:38.0194 4968 IPNAT - ok
22:21:38.0204 4968 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:21:38.0205 4968 IRENUM - ok
22:21:38.0223 4968 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:21:38.0223 4968 isapnp - ok
22:21:38.0249 4968 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:21:38.0251 4968 iScsiPrt - ok
22:21:38.0279 4968 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
22:21:38.0280 4968 IviRegMgr - ok
22:21:38.0319 4968 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:21:38.0320 4968 kbdclass - ok
22:21:38.0374 4968 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:21:38.0375 4968 kbdhid - ok
22:21:38.0404 4968 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:21:38.0406 4968 KeyIso - ok
22:21:38.0439 4968 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:21:38.0441 4968 KSecDD - ok
22:21:38.0476 4968 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:21:38.0478 4968 KSecPkg - ok
22:21:38.0498 4968 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:21:38.0499 4968 ksthunk - ok
22:21:38.0542 4968 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:21:38.0547 4968 KtmRm - ok
22:21:38.0605 4968 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:21:38.0611 4968 LanmanServer - ok
22:21:38.0663 4968 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:21:38.0667 4968 LanmanWorkstation - ok
22:21:38.0750 4968 [ 70481DABD9ADAB51A6933C5893B82925 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
22:21:38.0751 4968 LENOVO.CAMMUTE - ok
22:21:38.0799 4968 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
22:21:38.0800 4968 LENOVO.MICMUTE - ok
22:21:38.0858 4968 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
22:21:38.0859 4968 lenovo.smi - ok
22:21:38.0874 4968 [ D0DAF6A22037F6DEE706A095C647AA41 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
22:21:38.0875 4968 LENOVO.TPKNRSVC - ok
22:21:38.0883 4968 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:21:38.0884 4968 lltdio - ok
22:21:38.0915 4968 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:21:38.0919 4968 lltdsvc - ok
22:21:38.0931 4968 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:21:38.0934 4968 lmhosts - ok
22:21:38.0972 4968 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:21:38.0973 4968 LMS - ok
22:21:38.0999 4968 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:21:39.0000 4968 LSI_FC - ok
22:21:39.0018 4968 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:21:39.0019 4968 LSI_SAS - ok
22:21:39.0036 4968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:21:39.0037 4968 LSI_SAS2 - ok
22:21:39.0046 4968 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:21:39.0048 4968 LSI_SCSI - ok
22:21:39.0064 4968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:21:39.0066 4968 luafv - ok
22:21:39.0132 4968 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
22:21:39.0134 4968 McComponentHostService - ok
22:21:39.0183 4968 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:21:39.0186 4968 Mcx2Svc - ok
22:21:39.0209 4968 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:21:39.0210 4968 megasas - ok
22:21:39.0232 4968 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:21:39.0235 4968 MegaSR - ok
22:21:39.0269 4968 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:21:39.0271 4968 MMCSS - ok
22:21:39.0284 4968 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:21:39.0284 4968 Modem - ok
22:21:39.0307 4968 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:21:39.0308 4968 monitor - ok
22:21:39.0316 4968 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:21:39.0316 4968 mouclass - ok
22:21:39.0338 4968 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:21:39.0339 4968 mouhid - ok
22:21:39.0379 4968 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:21:39.0380 4968 mountmgr - ok
22:21:39.0412 4968 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:21:39.0413 4968 MozillaMaintenance - ok
22:21:39.0453 4968 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:21:39.0455 4968 mpio - ok
22:21:39.0475 4968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:21:39.0476 4968 mpsdrv - ok
22:21:39.0535 4968 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:21:39.0541 4968 MpsSvc - ok
22:21:39.0581 4968 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:21:39.0583 4968 MRxDAV - ok
22:21:39.0619 4968 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:21:39.0620 4968 mrxsmb - ok
22:21:39.0647 4968 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:21:39.0649 4968 mrxsmb10 - ok
22:21:39.0702 4968 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:21:39.0703 4968 mrxsmb20 - ok
22:21:39.0722 4968 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:21:39.0723 4968 msahci - ok
22:21:39.0762 4968 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:21:39.0763 4968 msdsm - ok
22:21:39.0776 4968 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:21:39.0779 4968 MSDTC - ok
22:21:39.0813 4968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:21:39.0814 4968 Msfs - ok
22:21:39.0830 4968 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:21:39.0831 4968 mshidkmdf - ok
22:21:39.0865 4968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:21:39.0865 4968 msisadrv - ok
22:21:39.0884 4968 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:21:39.0887 4968 MSiSCSI - ok
22:21:39.0891 4968 msiserver - ok
22:21:39.0914 4968 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:21:39.0914 4968 MSKSSRV - ok
22:21:39.0927 4968 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:21:39.0956 4968 MSPCLOCK - ok
22:21:39.0976 4968 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:21:39.0977 4968 MSPQM - ok
22:21:40.0019 4968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:21:40.0022 4968 MsRPC - ok
22:21:40.0060 4968 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:21:40.0061 4968 mssmbios - ok
22:21:40.0108 4968 MSSQL$MSSMLBIZ - ok
22:21:40.0137 4968 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
22:21:40.0138 4968 MSSQLServerADHelper - ok
22:21:40.0166 4968 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:21:40.0167 4968 MSTEE - ok
22:21:40.0181 4968 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:21:40.0182 4968 MTConfig - ok
22:21:40.0192 4968 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:21:40.0193 4968 Mup - ok
22:21:40.0244 4968 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:21:40.0250 4968 napagent - ok
22:21:40.0280 4968 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:21:40.0282 4968 NativeWifiP - ok
22:21:40.0333 4968 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:21:40.0338 4968 NDIS - ok
22:21:40.0365 4968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:21:40.0366 4968 NdisCap - ok
22:21:40.0388 4968 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:21:40.0389 4968 NdisTapi - ok
22:21:40.0429 4968 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:21:40.0430 4968 Ndisuio - ok
22:21:40.0468 4968 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:21:40.0470 4968 NdisWan - ok
22:21:40.0510 4968 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:21:40.0511 4968 NDProxy - ok
22:21:40.0531 4968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:21:40.0532 4968 NetBIOS - ok
22:21:40.0568 4968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:21:40.0570 4968 NetBT - ok
22:21:40.0593 4968 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:21:40.0596 4968 Netlogon - ok
22:21:40.0628 4968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:21:40.0633 4968 Netman - ok
22:21:40.0679 4968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:21:40.0683 4968 netprofm - ok
22:21:40.0711 4968 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:21:40.0713 4968 NetTcpPortSharing - ok
22:21:40.0861 4968 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
22:21:40.0896 4968 NETw5s64 - ok
22:21:41.0040 4968 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
22:21:41.0066 4968 netw5v64 - ok
22:21:41.0107 4968 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:21:41.0108 4968 nfrd960 - ok
22:21:41.0151 4968 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:21:41.0154 4968 NlaSvc - ok
22:21:41.0170 4968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:21:41.0171 4968 Npfs - ok
22:21:41.0190 4968 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:21:41.0193 4968 nsi - ok
22:21:41.0198 4968 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:21:41.0199 4968 nsiproxy - ok
22:21:41.0273 4968 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:21:41.0282 4968 Ntfs - ok
22:21:41.0310 4968 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:21:41.0311 4968 Null - ok
22:21:41.0366 4968 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:21:41.0367 4968 nvraid - ok
22:21:41.0386 4968 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:21:41.0388 4968 nvstor - ok
22:21:41.0400 4968 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:21:41.0401 4968 nv_agp - ok
22:21:41.0488 4968 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:21:41.0490 4968 odserv - ok
22:21:41.0525 4968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:21:41.0526 4968 ohci1394 - ok
22:21:41.0550 4968 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:21:41.0552 4968 ose - ok
22:21:41.0624 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:21:41.0628 4968 p2pimsvc - ok
22:21:41.0649 4968 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:21:41.0654 4968 p2psvc - ok
22:21:41.0683 4968 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:21:41.0684 4968 Parport - ok
22:21:41.0716 4968 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:21:41.0717 4968 partmgr - ok
22:21:41.0748 4968 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:21:41.0751 4968 PcaSvc - ok
22:21:41.0794 4968 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:21:41.0795 4968 pci - ok
22:21:41.0806 4968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:21:41.0807 4968 pciide - ok
22:21:41.0840 4968 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:21:41.0842 4968 pcmcia - ok
22:21:41.0853 4968 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:21:41.0855 4968 pcw - ok
22:21:41.0872 4968 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:21:41.0876 4968 PEAUTH - ok
22:21:41.0969 4968 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:21:41.0971 4968 PerfHost - ok
22:21:42.0062 4968 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:21:42.0072 4968 pla - ok
22:21:42.0118 4968 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:21:42.0123 4968 PlugPlay - ok
22:21:42.0155 4968 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:21:42.0159 4968 PNRPAutoReg - ok
22:21:42.0213 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:21:42.0219 4968 PNRPsvc - ok
22:21:42.0290 4968 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:21:42.0293 4968 PolicyAgent - ok
22:21:42.0335 4968 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:21:42.0339 4968 Power - ok
22:21:42.0393 4968 [ 0B6590C8E9B12CD7EDC7BB7311EFBB30 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
22:21:42.0394 4968 Power Manager DBC Service - ok
22:21:42.0430 4968 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:21:42.0431 4968 PptpMiniport - ok
22:21:42.0451 4968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:21:42.0452 4968 Processor - ok
22:21:42.0503 4968 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:21:42.0507 4968 ProfSvc - ok
22:21:42.0526 4968 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:21:42.0528 4968 ProtectedStorage - ok
22:21:42.0549 4968 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
22:21:42.0551 4968 psadd - ok
22:21:42.0586 4968 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:21:42.0588 4968 Psched - ok
22:21:42.0667 4968 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:21:42.0675 4968 ql2300 - ok
22:21:42.0701 4968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:21:42.0702 4968 ql40xx - ok
22:21:42.0739 4968 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:21:42.0743 4968 QWAVE - ok
22:21:42.0767 4968 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:21:42.0768 4968 QWAVEdrv - ok
22:21:42.0783 4968 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:21:42.0784 4968 RasAcd - ok
22:21:42.0812 4968 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:21:42.0813 4968 RasAgileVpn - ok
22:21:42.0837 4968 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:21:42.0841 4968 RasAuto - ok
22:21:42.0882 4968 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:21:42.0883 4968 Rasl2tp - ok
22:21:42.0921 4968 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:21:42.0925 4968 RasMan - ok
22:21:42.0954 4968 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:21:42.0956 4968 RasPppoe - ok
22:21:42.0967 4968 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:21:42.0968 4968 RasSstp - ok
22:21:43.0017 4968 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:21:43.0020 4968 rdbss - ok
22:21:43.0031 4968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:21:43.0032 4968 rdpbus - ok
22:21:43.0048 4968 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:21:43.0049 4968 RDPCDD - ok
22:21:43.0062 4968 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:21:43.0063 4968 RDPENCDD - ok
22:21:43.0090 4968 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:21:43.0090 4968 RDPREFMP - ok
22:21:43.0127 4968 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:21:43.0128 4968 RDPWD - ok
22:21:43.0167 4968 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:21:43.0169 4968 rdyboost - ok
22:21:43.0215 4968 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:21:43.0220 4968 RegSrvc - ok
22:21:43.0252 4968 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:21:43.0254 4968 RemoteAccess - ok
22:21:43.0278 4968 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:21:43.0282 4968 RemoteRegistry - ok
22:21:43.0314 4968 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:21:43.0316 4968 RFCOMM - ok
22:21:43.0327 4968 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:21:43.0332 4968 RpcEptMapper - ok
22:21:43.0349 4968 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:21:43.0352 4968 RpcLocator - ok
22:21:43.0398 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:21:43.0404 4968 RpcSs - ok
22:21:43.0433 4968 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:21:43.0435 4968 rspndr - ok
22:21:43.0454 4968 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:21:43.0456 4968 RSUSBSTOR - ok
22:21:43.0494 4968 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:21:43.0498 4968 RTL8167 - ok
22:21:43.0515 4968 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:21:43.0518 4968 SamSs - ok
22:21:43.0559 4968 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:21:43.0560 4968 sbp2port - ok
22:21:43.0595 4968 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:21:43.0599 4968 SCardSvr - ok
22:21:43.0657 4968 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:21:43.0658 4968 scfilter - ok
22:21:43.0712 4968 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:21:43.0721 4968 Schedule - ok
22:21:43.0763 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:21:43.0764 4968 SCPolicySvc - ok
22:21:43.0811 4968 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
22:21:43.0812 4968 sdbus - ok
22:21:43.0836 4968 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:21:43.0840 4968 SDRSVC - ok
22:21:43.0865 4968 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:21:43.0866 4968 secdrv - ok
22:21:43.0907 4968 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:21:43.0911 4968 seclogon - ok
22:21:43.0942 4968 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:21:43.0960 4968 SENS - ok
22:21:43.0998 4968 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:21:44.0001 4968 SensrSvc - ok
22:21:44.0016 4968 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:21:44.0018 4968 Serenum - ok
22:21:44.0034 4968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:21:44.0035 4968 Serial - ok
22:21:44.0080 4968 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:21:44.0083 4968 sermouse - ok
22:21:44.0135 4968 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:21:44.0138 4968 SessionEnv - ok
22:21:44.0179 4968 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:21:44.0180 4968 sffdisk - ok
22:21:44.0209 4968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:21:44.0210 4968 sffp_mmc - ok
22:21:44.0235 4968 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:21:44.0236 4968 sffp_sd - ok
22:21:44.0265 4968 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:21:44.0266 4968 sfloppy - ok
22:21:44.0299 4968 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:21:44.0302 4968 SharedAccess - ok
22:21:44.0362 4968 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:21:44.0368 4968 ShellHWDetection - ok
22:21:44.0411 4968 [ C45942985943FC4AB8A7EA7A92F29C00 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
22:21:44.0413 4968 Shockprf - ok
22:21:44.0427 4968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:21:44.0428 4968 SiSRaid2 - ok
22:21:44.0448 4968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:21:44.0449 4968 SiSRaid4 - ok
22:21:44.0502 4968 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:21:44.0503 4968 SkypeUpdate - ok
22:21:44.0528 4968 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:21:44.0529 4968 Smb - ok
22:21:44.0562 4968 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:21:44.0565 4968 SNMPTRAP - ok
22:21:44.0585 4968 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:21:44.0586 4968 spldr - ok
22:21:44.0628 4968 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:21:44.0634 4968 Spooler - ok
22:21:44.0733 4968 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:21:44.0753 4968 sppsvc - ok
22:21:44.0799 4968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:21:44.0802 4968 sppuinotify - ok
22:21:44.0834 4968 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:21:44.0836 4968 SQLBrowser - ok
22:21:44.0876 4968 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:21:44.0878 4968 SQLWriter - ok
22:21:44.0921 4968 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:21:44.0924 4968 srv - ok
22:21:44.0939 4968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:21:44.0941 4968 srv2 - ok
22:21:44.0996 4968 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:21:44.0998 4968 SrvHsfHDA - ok
22:21:45.0046 4968 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:21:45.0055 4968 SrvHsfV92 - ok
22:21:45.0092 4968 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:21:45.0096 4968 SrvHsfWinac - ok
22:21:45.0135 4968 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:21:45.0137 4968 srvnet - ok
22:21:45.0164 4968 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:21:45.0169 4968 SSDPSRV - ok
22:21:45.0197 4968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:21:45.0200 4968 SstpSvc - ok
22:21:45.0236 4968 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:21:45.0237 4968 stexstor - ok
22:21:45.0283 4968 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:21:45.0289 4968 stisvc - ok
22:21:45.0342 4968 [ F3C73E650F1CD3289F38E62CCC325A66 ] SUService c:\Program Files (x86)\Lenovo\System Update\SUService.exe
22:21:45.0342 4968 SUService - ok
22:21:45.0373 4968 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:21:45.0373 4968 swenum - ok
22:21:45.0408 4968 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:21:45.0414 4968 swprv - ok
22:21:45.0447 4968 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:21:45.0449 4968 SynTP - ok
22:21:45.0513 4968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:21:45.0526 4968 SysMain - ok
22:21:45.0655 4968 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:21:45.0658 4968 TabletInputService - ok
22:21:45.0680 4968 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:21:45.0684 4968 TapiSrv - ok
22:21:45.0724 4968 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:21:45.0728 4968 TBS - ok
22:21:45.0813 4968 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:21:45.0823 4968 Tcpip - ok
22:21:45.0850 4968 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:21:45.0860 4968 TCPIP6 - ok
22:21:45.0899 4968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:21:45.0900 4968 tcpipreg - ok
22:21:45.0941 4968 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:21:45.0943 4968 TDPIPE - ok
22:21:45.0974 4968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:21:45.0975 4968 TDTCP - ok
22:21:46.0019 4968 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:21:46.0020 4968 tdx - ok
22:21:46.0052 4968 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:21:46.0053 4968 TermDD - ok
22:21:46.0081 4968 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:21:46.0088 4968 TermService - ok
22:21:46.0123 4968 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:21:46.0126 4968 Themes - ok
22:21:46.0190 4968 [ 39AC444E07FDBD8C2E8E291A65D515D3 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
22:21:46.0196 4968 ThinkVantage Registry Monitor Service - ok
22:21:46.0224 4968 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:21:46.0227 4968 THREADORDER - ok
22:21:46.0238 4968 [ 6DB3FAE611554DC373E266ED50111B1C ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
22:21:46.0239 4968 TPDIGIMN - ok
22:21:46.0277 4968 [ 47D2009FDC682833EE03B6DCBA23FDD2 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
22:21:46.0280 4968 TPHDEXLGSVC - ok
22:21:46.0349 4968 [ 2CF225E19490F499528B926263FE4554 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
22:21:46.0350 4968 TPHKSVC - ok
22:21:46.0375 4968 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
22:21:46.0376 4968 TPM - ok
22:21:46.0404 4968 [ 2C067E01D6BBCCC88B233B868E210907 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
22:21:46.0405 4968 TPPWRIF - ok
22:21:46.0425 4968 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:21:46.0429 4968 TrkWks - ok
22:21:46.0489 4968 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:21:46.0491 4968 TrustedInstaller - ok
22:21:46.0538 4968 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:21:46.0539 4968 tssecsrv - ok
22:21:46.0583 4968 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:21:46.0584 4968 TsUsbFlt - ok
22:21:46.0622 4968 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:21:46.0624 4968 tunnel - ok
22:21:46.0641 4968 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
22:21:46.0642 4968 TurboB - ok
22:21:46.0689 4968 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:21:46.0690 4968 TurboBoost - ok
22:21:46.0768 4968 [ B56DA1AA776C15043D10F82B32AA000D ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
22:21:46.0776 4968 TVT Backup Service - ok
22:21:46.0799 4968 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:21:46.0800 4968 uagp35 - ok
22:21:46.0848 4968 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:21:46.0851 4968 udfs - ok
22:21:46.0889 4968 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:21:46.0893 4968 UI0Detect - ok
22:21:46.0911 4968 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:21:46.0912 4968 uliagpkx - ok
22:21:46.0940 4968 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:21:46.0941 4968 umbus - ok
22:21:46.0965 4968 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:21:46.0966 4968 UmPass - ok
22:21:47.0049 4968 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:21:47.0060 4968 UNS - ok
22:21:47.0089 4968 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:21:47.0094 4968 upnphost - ok
22:21:47.0127 4968 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:21:47.0129 4968 usbccgp - ok
22:21:47.0168 4968 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:21:47.0169 4968 usbcir - ok
22:21:47.0208 4968 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:21:47.0209 4968 usbehci - ok
22:21:47.0225 4968 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:21:47.0228 4968 usbhub - ok
22:21:47.0284 4968 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:21:47.0285 4968 usbohci - ok
22:21:47.0309 4968 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:21:47.0310 4968 usbprint - ok
22:21:47.0338 4968 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:21:47.0339 4968 usbscan - ok
22:21:47.0401 4968 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:21:47.0403 4968 USBSTOR - ok
22:21:47.0428 4968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:21:47.0429 4968 usbuhci - ok
22:21:47.0451 4968 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:21:47.0453 4968 usbvideo - ok
22:21:47.0516 4968 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:21:47.0519 4968 UxSms - ok
22:21:47.0560 4968 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:21:47.0562 4968 VaultSvc - ok
22:21:47.0577 4968 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:21:47.0578 4968 vdrvroot - ok
22:21:47.0620 4968 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:21:47.0627 4968 vds - ok
22:21:47.0671 4968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:21:47.0672 4968 vga - ok
22:21:47.0685 4968 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:21:47.0686 4968 VgaSave - ok
22:21:47.0724 4968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:21:47.0726 4968 vhdmp - ok
22:21:47.0789 4968 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:21:47.0790 4968 viaide - ok
22:21:47.0805 4968 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:21:47.0806 4968 volmgr - ok
22:21:47.0851 4968 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:21:47.0853 4968 volmgrx - ok
22:21:47.0891 4968 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:21:47.0894 4968 volsnap - ok
22:21:47.0939 4968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:21:47.0941 4968 vsmraid - ok
22:21:48.0001 4968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:21:48.0012 4968 VSS - ok
22:21:48.0032 4968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:21:48.0033 4968 vwifibus - ok
22:21:48.0066 4968 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:21:48.0067 4968 vwififlt - ok
22:21:48.0094 4968 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:21:48.0095 4968 vwifimp - ok
22:21:48.0127 4968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:21:48.0133 4968 W32Time - ok
22:21:48.0152 4968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:21:48.0153 4968 WacomPen - ok
22:21:48.0214 4968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:21:48.0215 4968 WANARP - ok
22:21:48.0219 4968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:21:48.0221 4968 Wanarpv6 - ok
22:21:48.0297 4968 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:21:48.0304 4968 WatAdminSvc - ok
22:21:48.0362 4968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:21:48.0373 4968 wbengine - ok
22:21:48.0412 4968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:21:48.0417 4968 WbioSrvc - ok
22:21:48.0459 4968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:21:48.0466 4968 wcncsvc - ok
22:21:48.0487 4968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:21:48.0490 4968 WcsPlugInService - ok
22:21:48.0528 4968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:21:48.0529 4968 Wd - ok
22:21:48.0587 4968 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:21:48.0592 4968 Wdf01000 - ok
22:21:48.0603 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:21:48.0607 4968 WdiServiceHost - ok
22:21:48.0610 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:21:48.0616 4968 WdiSystemHost - ok
22:21:48.0660 4968 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:21:48.0665 4968 WebClient - ok
22:21:48.0734 4968 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:21:48.0739 4968 Wecsvc - ok
22:21:48.0762 4968 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:21:48.0766 4968 wercplsupport - ok
22:21:48.0777 4968 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:21:48.0781 4968 WerSvc - ok
22:21:48.0805 4968 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:21:48.0806 4968 WfpLwf - ok
22:21:48.0820 4968 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:21:48.0821 4968 WIMMount - ok
22:21:48.0839 4968 WinDefend - ok
22:21:48.0845 4968 WinHttpAutoProxySvc - ok
22:21:48.0900 4968 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:21:48.0901 4968 Winmgmt - ok
22:21:48.0982 4968 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:21:48.0996 4968 WinRM - ok
22:21:49.0033 4968 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:21:49.0034 4968 WinUsb - ok
22:21:49.0076 4968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:21:49.0084 4968 Wlansvc - ok
22:21:49.0096 4968 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:21:49.0097 4968 WmiAcpi - ok
22:21:49.0119 4968 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:21:49.0121 4968 wmiApSrv - ok
22:21:49.0146 4968 WMPNetworkSvc - ok
22:21:49.0163 4968 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:21:49.0168 4968 WPCSvc - ok
22:21:49.0204 4968 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:21:49.0209 4968 WPDBusEnum - ok
22:21:49.0234 4968 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:21:49.0235 4968 ws2ifsl - ok
22:21:49.0253 4968 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:21:49.0257 4968 wscsvc - ok
22:21:49.0261 4968 WSearch - ok
22:21:49.0346 4968 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:21:49.0361 4968 wuauserv - ok
22:21:49.0399 4968 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:21:49.0400 4968 WudfPf - ok
22:21:49.0420 4968 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:21:49.0422 4968 WUDFRd - ok
22:21:49.0465 4968 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:21:49.0468 4968 wudfsvc - ok
22:21:49.0511 4968 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:21:49.0516 4968 WwanSvc - ok
22:21:49.0537 4968 ================ Scan global ===============================
22:21:49.0579 4968 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:21:49.0626 4968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:21:49.0634 4968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:21:49.0658 4968 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:21:49.0689 4968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:21:49.0694 4968 [Global] - ok
22:21:49.0695 4968 ================ Scan MBR ==================================
22:21:49.0704 4968 [ 2359660F8D5E1B418E3B1C780E1E0EA3 ] \Device\Harddisk0\DR0
22:21:49.0880 4968 \Device\Harddisk0\DR0 - ok
22:21:49.0880 4968 ================ Scan VBR ==================================
22:21:49.0883 4968 [ D2861C4F45152A3F727966D2D1352AA0 ] \Device\Harddisk0\DR0\Partition1
22:21:49.0884 4968 \Device\Harddisk0\DR0\Partition1 - ok
22:21:49.0898 4968 [ E3A238BFFBBDB1166ED9173CCDC18BA8 ] \Device\Harddisk0\DR0\Partition2
22:21:49.0900 4968 \Device\Harddisk0\DR0\Partition2 - ok
22:21:49.0930 4968 [ EA0CB6B32F3085BAE7E30AE03B4A3C93 ] \Device\Harddisk0\DR0\Partition3
22:21:49.0958 4968 \Device\Harddisk0\DR0\Partition3 - ok
22:21:49.0960 4968 ============================================================
22:21:49.0960 4968 Scan finished
22:21:49.0960 4968 ============================================================
22:21:49.0972 1296 Detected object count: 1
22:21:49.0972 1296 Actual detected object count: 1
22:22:10.0714 1296 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:22:10.0714 1296 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:23:42.0766 6100 Deinitialize success

markusg 21.02.2013 19:08
hi
anleitung noch mal lesen, die Konfiguration war falsch.

Rike1984 21.02.2013 19:28
Die Konfiguration von TDSS? Wo könnte ich denn einen Fehler gemacht haben, ich musste doch bei TDSS gar nichts konfigurieren oder?

markusg 21.02.2013 19:47
doch, klick doch mal auf die anleitung, da sind bilder, wo du zb sigcheck, tdss file system etc aktivieren sollst

Rike1984 21.02.2013 20:34
Hi,

oh tatsächlich, diese Bilder hatte ich nicht gesehen, war wohl zu schnell...

Der neue Bericht:

20:24:26.0528 5820 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:24:26.0965 5820 ============================================================
20:24:26.0965 5820 Current date / time: 2013/02/21 20:24:26.0965
20:24:26.0965 5820 SystemInfo:
20:24:26.0965 5820
20:24:26.0965 5820 OS Version: 6.1.7601 ServicePack: 1.0
20:24:26.0965 5820 Product type: Workstation
20:24:26.0965 5820 ComputerName: RIKE-THINK
20:24:26.0965 5820 UserName: Rike
20:24:26.0965 5820 Windows directory: C:\Windows
20:24:26.0965 5820 System windows directory: C:\Windows
20:24:26.0965 5820 Running under WOW64
20:24:26.0965 5820 Processor architecture: Intel x64
20:24:26.0965 5820 Number of processors: 4
20:24:26.0965 5820 Page size: 0x1000
20:24:26.0965 5820 Boot type: Normal boot
20:24:26.0965 5820 ============================================================
20:24:27.0839 5820 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:27.0854 5820 ============================================================
20:24:27.0854 5820 \Device\Harddisk0\DR0:
20:24:27.0854 5820 MBR partitions:
20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23E4D7F8
20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
20:24:27.0854 5820 ============================================================
20:24:27.0932 5820 C: <-> \Device\Harddisk0\DR0\Partition2
20:24:28.0041 5820 Q: <-> \Device\Harddisk0\DR0\Partition3
20:24:28.0041 5820 ============================================================
20:24:28.0041 5820 Initialize success
20:24:28.0041 5820 ============================================================
20:24:40.0865 5964 ============================================================
20:24:40.0865 5964 Scan started
20:24:40.0865 5964 Mode: Manual; SigCheck; TDLFS;
20:24:40.0865 5964 ============================================================
20:24:41.0286 5964 ================ Scan system memory ========================
20:24:41.0286 5964 System memory - ok
20:24:41.0286 5964 ================ Scan services =============================
20:24:41.0535 5964 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:24:41.0754 5964 1394ohci - ok
20:24:41.0785 5964 [ 7D497701BDA1267AD5F86350925D2F10 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
20:24:41.0863 5964 5U877 - ok
20:24:41.0910 5964 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:24:41.0972 5964 ACPI - ok
20:24:42.0019 5964 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:24:42.0081 5964 AcpiPmi - ok
20:24:42.0191 5964 [ CF2D68C16C7BE8D037DDD1BFA6E9C965 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
20:24:42.0206 5964 AcPrfMgrSvc - ok
20:24:42.0237 5964 [ B5060FE4AA0A074779C7B11AE7DB9D48 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
20:24:42.0269 5964 AcSvc - ok
20:24:42.0362 5964 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:42.0393 5964 AdobeARMservice - ok
20:24:42.0518 5964 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:42.0549 5964 AdobeFlashPlayerUpdateSvc - ok
20:24:42.0612 5964 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:24:42.0659 5964 adp94xx - ok
20:24:42.0721 5964 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:24:42.0752 5964 adpahci - ok
20:24:42.0783 5964 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:24:42.0830 5964 adpu320 - ok
20:24:42.0861 5964 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:24:43.0002 5964 AeLookupSvc - ok
20:24:43.0064 5964 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:24:43.0142 5964 AFD - ok
20:24:43.0189 5964 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:24:43.0220 5964 agp440 - ok
20:24:43.0423 5964 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
20:24:43.0423 5964 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
20:24:43.0439 5964 Akamai ( HiddenFile.Multi.Generic ) - warning
20:24:43.0439 5964 Akamai - detected HiddenFile.Multi.Generic (1)
20:24:43.0485 5964 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:24:43.0548 5964 ALG - ok
20:24:43.0626 5964 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:24:43.0657 5964 aliide - ok
20:24:43.0673 5964 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:24:43.0704 5964 amdide - ok
20:24:43.0719 5964 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:24:43.0782 5964 AmdK8 - ok
20:24:43.0797 5964 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:24:43.0860 5964 AmdPPM - ok
20:24:43.0875 5964 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:24:43.0922 5964 amdsata - ok
20:24:43.0938 5964 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:24:43.0985 5964 amdsbs - ok
20:24:44.0031 5964 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:24:44.0063 5964 amdxata - ok
20:24:44.0094 5964 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys
20:24:44.0156 5964 Andbus - ok
20:24:44.0172 5964 [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys
20:24:44.0219 5964 AndDiag - ok
20:24:44.0265 5964 [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys
20:24:44.0312 5964 AndGps - ok
20:24:44.0343 5964 [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys
20:24:44.0406 5964 ANDModem - ok
20:24:44.0468 5964 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:24:44.0577 5964 AppID - ok
20:24:44.0624 5964 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:24:44.0749 5964 AppIDSvc - ok
20:24:44.0780 5964 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:24:44.0889 5964 Appinfo - ok
20:24:44.0936 5964 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:24:44.0967 5964 arc - ok
20:24:44.0983 5964 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:24:45.0030 5964 arcsas - ok
20:24:45.0077 5964 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:24:45.0170 5964 aswFsBlk - ok
20:24:45.0233 5964 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:24:45.0248 5964 aswMonFlt - ok
20:24:45.0311 5964 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:24:45.0342 5964 aswRdr - ok
20:24:45.0404 5964 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:24:45.0498 5964 aswSnx - ok
20:24:45.0545 5964 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:24:45.0576 5964 aswSP - ok
20:24:45.0623 5964 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:24:45.0670 5964 aswTdi - ok
20:24:45.0701 5964 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:45.0794 5964 AsyncMac - ok
20:24:45.0841 5964 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:24:45.0872 5964 atapi - ok
20:24:45.0935 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:46.0060 5964 AudioEndpointBuilder - ok
20:24:46.0075 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:24:46.0184 5964 AudioSrv - ok
20:24:46.0325 5964 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:24:46.0340 5964 avast! Antivirus - ok
20:24:46.0387 5964 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:24:46.0465 5964 AxInstSV - ok
20:24:46.0528 5964 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:24:46.0590 5964 b06bdrv - ok
20:24:46.0637 5964 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:46.0715 5964 b57nd60a - ok
20:24:46.0840 5964 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:24:46.0886 5964 BBSvc - ok
20:24:46.0933 5964 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:24:46.0980 5964 BBUpdate - ok
20:24:47.0027 5964 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:24:47.0058 5964 BcmSqlStartupSvc - ok
20:24:47.0089 5964 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:24:47.0136 5964 BDESVC - ok
20:24:47.0183 5964 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:24:47.0308 5964 Beep - ok
20:24:47.0401 5964 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:24:47.0510 5964 BFE - ok
20:24:47.0635 5964 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:24:47.0776 5964 BITS - ok
20:24:47.0838 5964 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:24:47.0885 5964 blbdrive - ok
20:24:47.0932 5964 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:47.0994 5964 bowser - ok
20:24:48.0025 5964 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:24:48.0088 5964 BrFiltLo - ok
20:24:48.0103 5964 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:24:48.0166 5964 BrFiltUp - ok
20:24:48.0212 5964 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:24:48.0259 5964 Browser - ok
20:24:48.0322 5964 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:48.0400 5964 Brserid - ok
20:24:48.0431 5964 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:48.0478 5964 BrSerWdm - ok
20:24:48.0524 5964 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:48.0587 5964 BrUsbMdm - ok
20:24:48.0602 5964 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:48.0665 5964 BrUsbSer - ok
20:24:48.0743 5964 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:24:48.0821 5964 BthEnum - ok
20:24:48.0868 5964 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:24:48.0899 5964 BTHMODEM - ok
20:24:48.0930 5964 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:24:48.0977 5964 BthPan - ok
20:24:49.0008 5964 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:24:49.0086 5964 BTHPORT - ok
20:24:49.0148 5964 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:24:49.0273 5964 bthserv - ok
20:24:49.0304 5964 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:24:49.0320 5964 BTHUSB - ok
20:24:49.0351 5964 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
20:24:49.0382 5964 btusbflt - ok
20:24:49.0414 5964 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
20:24:49.0445 5964 btwaudio - ok
20:24:49.0460 5964 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
20:24:49.0476 5964 btwavdt - ok
20:24:49.0538 5964 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
20:24:49.0585 5964 btwdins - ok
20:24:49.0632 5964 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
20:24:49.0648 5964 btwl2cap - ok
20:24:49.0663 5964 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
20:24:49.0694 5964 btwrchid - ok
20:24:49.0726 5964 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:49.0835 5964 cdfs - ok
20:24:49.0913 5964 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:24:49.0960 5964 cdrom - ok
20:24:50.0006 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:50.0116 5964 CertPropSvc - ok
20:24:50.0147 5964 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:24:50.0240 5964 circlass - ok
20:24:50.0303 5964 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:24:50.0334 5964 CLFS - ok
20:24:50.0412 5964 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:50.0443 5964 clr_optimization_v2.0.50727_32 - ok
20:24:50.0490 5964 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:50.0521 5964 clr_optimization_v2.0.50727_64 - ok
20:24:50.0599 5964 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:50.0630 5964 clr_optimization_v4.0.30319_32 - ok
20:24:50.0677 5964 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:50.0708 5964 clr_optimization_v4.0.30319_64 - ok
20:24:50.0740 5964 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:24:50.0786 5964 CmBatt - ok
20:24:50.0818 5964 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:50.0849 5964 cmdide - ok
20:24:50.0896 5964 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:50.0958 5964 CNG - ok
20:24:51.0005 5964 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:24:51.0036 5964 Compbatt - ok
20:24:51.0083 5964 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:51.0130 5964 CompositeBus - ok
20:24:51.0161 5964 COMSysApp - ok
20:24:51.0192 5964 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:24:51.0239 5964 crcdisk - ok
20:24:51.0286 5964 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:51.0332 5964 CryptSvc - ok
20:24:51.0379 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:51.0520 5964 DcomLaunch - ok
20:24:51.0582 5964 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:51.0691 5964 defragsvc - ok
20:24:51.0769 5964 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:51.0863 5964 DfsC - ok
20:24:51.0925 5964 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:51.0972 5964 Dhcp - ok
20:24:52.0019 5964 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:24:52.0112 5964 discache - ok
20:24:52.0128 5964 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:24:52.0159 5964 Disk - ok
20:24:52.0206 5964 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:52.0253 5964 Dnscache - ok
20:24:52.0331 5964 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:52.0440 5964 dot3svc - ok
20:24:52.0487 5964 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:24:52.0596 5964 DPS - ok
20:24:52.0643 5964 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:52.0705 5964 drmkaud - ok
20:24:52.0799 5964 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:52.0861 5964 DXGKrnl - ok
20:24:52.0892 5964 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:53.0002 5964 EapHost - ok
20:24:53.0126 5964 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:24:53.0298 5964 ebdrv - ok
20:24:53.0329 5964 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:24:53.0392 5964 EFS - ok
20:24:53.0454 5964 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:53.0532 5964 ehRecvr - ok
20:24:53.0563 5964 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:24:53.0626 5964 ehSched - ok
20:24:53.0704 5964 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:24:53.0766 5964 elxstor - ok
20:24:53.0797 5964 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:53.0844 5964 ErrDev - ok
20:24:53.0906 5964 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:24:54.0031 5964 EventSystem - ok
20:24:54.0140 5964 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:24:54.0218 5964 EvtEng - ok
20:24:54.0234 5964 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:54.0343 5964 exfat - ok
20:24:54.0390 5964 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:54.0499 5964 fastfat - ok
20:24:54.0577 5964 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:24:54.0640 5964 Fax - ok
20:24:54.0671 5964 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:24:54.0733 5964 fdc - ok
20:24:54.0764 5964 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:54.0905 5964 fdPHost - ok
20:24:54.0920 5964 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:55.0030 5964 FDResPub - ok
20:24:55.0061 5964 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:55.0092 5964 FileInfo - ok
20:24:55.0123 5964 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:55.0248 5964 Filetrace - ok
20:24:55.0264 5964 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:24:55.0310 5964 flpydisk - ok
20:24:55.0373 5964 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:55.0404 5964 FltMgr - ok
20:24:55.0466 5964 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:24:55.0560 5964 FontCache - ok
20:24:55.0638 5964 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:55.0654 5964 FontCache3.0.0.0 - ok
20:24:55.0700 5964 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:55.0732 5964 FsDepends - ok
20:24:55.0763 5964 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:55.0778 5964 Fs_Rec - ok
20:24:55.0856 5964 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:55.0888 5964 fvevol - ok
20:24:55.0903 5964 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:24:55.0934 5964 gagp30kx - ok
20:24:55.0997 5964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:56.0153 5964 gpsvc - ok
20:24:56.0231 5964 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:56.0262 5964 gupdate - ok
20:24:56.0293 5964 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:56.0309 5964 gupdatem - ok
20:24:56.0340 5964 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:56.0387 5964 hcw85cir - ok
20:24:56.0480 5964 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:24:56.0543 5964 HdAudAddService - ok
20:24:56.0574 5964 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:24:56.0621 5964 HDAudBus - ok
20:24:56.0652 5964 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:24:56.0683 5964 HECIx64 - ok
20:24:56.0699 5964 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:24:56.0761 5964 HidBatt - ok
20:24:56.0792 5964 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:24:56.0839 5964 HidBth - ok
20:24:56.0855 5964 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:24:56.0886 5964 HidIr - ok
20:24:56.0933 5964 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:24:57.0042 5964 hidserv - ok
20:24:57.0104 5964 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:24:57.0136 5964 HidUsb - ok
20:24:57.0167 5964 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:57.0292 5964 hkmsvc - ok
20:24:57.0338 5964 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:57.0416 5964 HomeGroupListener - ok
20:24:57.0463 5964 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:57.0510 5964 HomeGroupProvider - ok
20:24:57.0557 5964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:57.0588 5964 HpSAMD - ok
20:24:57.0650 5964 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:57.0806 5964 HTTP - ok
20:24:57.0838 5964 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:57.0869 5964 hwpolicy - ok
20:24:57.0916 5964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:24:57.0947 5964 i8042prt - ok
20:24:57.0994 5964 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:24:58.0025 5964 iaStor - ok
20:24:58.0056 5964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:58.0103 5964 iaStorV - ok
20:24:58.0150 5964 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
20:24:58.0181 5964 IBMPMDRV - ok
20:24:58.0181 5964 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
20:24:58.0212 5964 IBMPMSVC - ok
20:24:58.0274 5964 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:58.0352 5964 idsvc - ok
20:24:58.0680 5964 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:24:59.0164 5964 igfx - ok
20:24:59.0210 5964 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:24:59.0242 5964 iirsp - ok
20:24:59.0320 5964 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:59.0460 5964 IKEEXT - ok
20:24:59.0507 5964 [ C48567D80AD357613CD0EEADE18780AE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:24:59.0569 5964 Impcd - ok
20:24:59.0663 5964 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:59.0788 5964 IntcAzAudAddService - ok
20:24:59.0866 5964 [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:24:59.0912 5964 IntcDAud - ok
20:24:59.0959 5964 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:59.0975 5964 intelide - ok
20:25:00.0022 5964 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:25:00.0084 5964 intelppm - ok
20:25:00.0100 5964 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:25:00.0224 5964 IPBusEnum - ok
20:25:00.0271 5964 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:25:00.0412 5964 IpFilterDriver - ok
20:25:00.0458 5964 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:25:00.0521 5964 iphlpsvc - ok
20:25:00.0568 5964 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:25:00.0630 5964 IPMIDRV - ok
20:25:00.0661 5964 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:25:00.0770 5964 IPNAT - ok
20:25:00.0802 5964 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:25:00.0864 5964 IRENUM - ok
20:25:00.0895 5964 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:25:00.0926 5964 isapnp - ok
20:25:00.0942 5964 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:25:00.0989 5964 iScsiPrt - ok
20:25:01.0036 5964 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:25:01.0067 5964 IviRegMgr - ok
20:25:01.0098 5964 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:25:01.0129 5964 kbdclass - ok
20:25:01.0192 5964 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:25:01.0238 5964 kbdhid - ok
20:25:01.0270 5964 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:25:01.0301 5964 KeyIso - ok
20:25:01.0348 5964 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:25:01.0394 5964 KSecDD - ok
20:25:01.0441 5964 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:25:01.0488 5964 KSecPkg - ok
20:25:01.0504 5964 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:25:01.0628 5964 ksthunk - ok
20:25:01.0675 5964 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:25:01.0816 5964 KtmRm - ok
20:25:01.0878 5964 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:25:02.0018 5964 LanmanServer - ok
20:25:02.0050 5964 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:25:02.0190 5964 LanmanWorkstation - ok
20:25:02.0268 5964 [ 70481DABD9ADAB51A6933C5893B82925 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
20:25:02.0284 5964 LENOVO.CAMMUTE - ok
20:25:02.0346 5964 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
20:25:02.0377 5964 LENOVO.MICMUTE - ok
20:25:02.0393 5964 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
20:25:02.0408 5964 lenovo.smi - ok
20:25:02.0455 5964 [ D0DAF6A22037F6DEE706A095C647AA41 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
20:25:02.0486 5964 LENOVO.TPKNRSVC - ok
20:25:02.0518 5964 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:25:02.0627 5964 lltdio - ok
20:25:02.0674 5964 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:25:02.0767 5964 lltdsvc - ok
20:25:02.0783 5964 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:25:02.0908 5964 lmhosts - ok
20:25:02.0954 5964 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:25:02.0986 5964 LMS - ok
20:25:03.0048 5964 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:25:03.0079 5964 LSI_FC - ok
20:25:03.0095 5964 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:25:03.0142 5964 LSI_SAS - ok
20:25:03.0157 5964 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:25:03.0188 5964 LSI_SAS2 - ok
20:25:03.0220 5964 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:25:03.0251 5964 LSI_SCSI - ok
20:25:03.0282 5964 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:25:03.0391 5964 luafv - ok
20:25:03.0516 5964 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
20:25:03.0547 5964 McComponentHostService - ok
20:25:03.0594 5964 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:25:03.0656 5964 Mcx2Svc - ok
20:25:03.0703 5964 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:25:03.0734 5964 megasas - ok
20:25:03.0750 5964 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:25:03.0797 5964 MegaSR - ok
20:25:03.0828 5964 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:25:03.0953 5964 MMCSS - ok
20:25:03.0984 5964 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:25:04.0109 5964 Modem - ok
20:25:04.0156 5964 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:25:04.0218 5964 monitor - ok
20:25:04.0265 5964 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:25:04.0296 5964 mouclass - ok
20:25:04.0343 5964 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:25:04.0390 5964 mouhid - ok
20:25:04.0452 5964 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:25:04.0468 5964 mountmgr - ok
20:25:04.0530 5964 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:25:04.0577 5964 MozillaMaintenance - ok
20:25:04.0608 5964 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:25:04.0655 5964 mpio - ok
20:25:04.0686 5964 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:25:04.0780 5964 mpsdrv - ok
20:25:04.0842 5964 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:25:04.0967 5964 MpsSvc - ok
20:25:05.0029 5964 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:25:05.0092 5964 MRxDAV - ok
20:25:05.0138 5964 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:25:05.0185 5964 mrxsmb - ok
20:25:05.0232 5964 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:25:05.0294 5964 mrxsmb10 - ok
20:25:05.0326 5964 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:25:05.0388 5964 mrxsmb20 - ok
20:25:05.0404 5964 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:25:05.0435 5964 msahci - ok
20:25:05.0482 5964 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:25:05.0513 5964 msdsm - ok
20:25:05.0560 5964 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:25:05.0638 5964 MSDTC - ok
20:25:05.0700 5964 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:25:05.0794 5964 Msfs - ok
20:25:05.0825 5964 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:25:05.0934 5964 mshidkmdf - ok
20:25:05.0981 5964 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:25:06.0012 5964 msisadrv - ok
20:25:06.0059 5964 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:25:06.0168 5964 MSiSCSI - ok
20:25:06.0168 5964 msiserver - ok
20:25:06.0215 5964 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:25:06.0308 5964 MSKSSRV - ok
20:25:06.0324 5964 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:25:06.0433 5964 MSPCLOCK - ok
20:25:06.0464 5964 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:25:06.0574 5964 MSPQM - ok
20:25:06.0636 5964 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:25:06.0667 5964 MsRPC - ok
20:25:06.0714 5964 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:25:06.0745 5964 mssmbios - ok
20:25:06.0792 5964 MSSQL$MSSMLBIZ - ok
20:25:06.0823 5964 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:25:06.0854 5964 MSSQLServerADHelper - ok
20:25:06.0901 5964 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:25:07.0010 5964 MSTEE - ok
20:25:07.0120 5964 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:25:07.0166 5964 MTConfig - ok
20:25:07.0229 5964 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:25:07.0260 5964 Mup - ok
20:25:07.0322 5964 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:25:07.0463 5964 napagent - ok
20:25:07.0525 5964 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:25:07.0603 5964 NativeWifiP - ok
20:25:07.0666 5964 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:25:07.0744 5964 NDIS - ok
20:25:07.0775 5964 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:25:07.0868 5964 NdisCap - ok
20:25:07.0884 5964 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:25:08.0009 5964 NdisTapi - ok
20:25:08.0040 5964 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:25:08.0165 5964 Ndisuio - ok
20:25:08.0196 5964 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:25:08.0321 5964 NdisWan - ok
20:25:08.0368 5964 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:25:08.0477 5964 NDProxy - ok
20:25:08.0524 5964 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:25:08.0633 5964 NetBIOS - ok
20:25:08.0680 5964 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:25:08.0804 5964 NetBT - ok
20:25:08.0820 5964 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:25:08.0867 5964 Netlogon - ok
20:25:08.0898 5964 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:25:09.0038 5964 Netman - ok
20:25:09.0070 5964 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:25:09.0194 5964 netprofm - ok
20:25:09.0226 5964 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:25:09.0257 5964 NetTcpPortSharing - ok
20:25:09.0460 5964 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
20:25:09.0834 5964 NETw5s64 - ok
20:25:10.0021 5964 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
20:25:10.0349 5964 netw5v64 - ok
20:25:10.0380 5964 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:25:10.0411 5964 nfrd960 - ok
20:25:10.0458 5964 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:25:10.0536 5964 NlaSvc - ok
20:25:10.0552 5964 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:25:10.0661 5964 Npfs - ok
20:25:10.0708 5964 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:25:10.0817 5964 nsi - ok
20:25:10.0848 5964 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:25:10.0973 5964 nsiproxy - ok
20:25:11.0051 5964 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:25:11.0144 5964 Ntfs - ok
20:25:11.0176 5964 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:25:11.0300 5964 Null - ok
20:25:11.0347 5964 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:25:11.0378 5964 nvraid - ok
20:25:11.0410 5964 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:25:11.0441 5964 nvstor - ok
20:25:11.0472 5964 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:25:11.0503 5964 nv_agp - ok
20:25:11.0597 5964 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:25:11.0659 5964 odserv - ok
20:25:11.0690 5964 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:25:11.0753 5964 ohci1394 - ok
20:25:11.0800 5964 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:25:11.0831 5964 ose - ok
20:25:11.0893 5964 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:25:11.0940 5964 p2pimsvc - ok
20:25:11.0956 5964 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:25:12.0018 5964 p2psvc - ok
20:25:12.0065 5964 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:25:12.0127 5964 Parport - ok
20:25:12.0158 5964 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:25:12.0190 5964 partmgr - ok
20:25:12.0221 5964 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:25:12.0299 5964 PcaSvc - ok
20:25:12.0346 5964 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:25:12.0392 5964 pci - ok
20:25:12.0408 5964 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:25:12.0439 5964 pciide - ok
20:25:12.0486 5964 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:25:12.0533 5964 pcmcia - ok
20:25:12.0548 5964 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:25:12.0564 5964 pcw - ok
20:25:12.0595 5964 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:25:12.0704 5964 PEAUTH - ok
20:25:12.0876 5964 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:25:12.0907 5964 PerfHost - ok
20:25:12.0985 5964 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:25:13.0126 5964 pla - ok
20:25:13.0250 5964 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:25:13.0328 5964 PlugPlay - ok
20:25:13.0360 5964 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:25:13.0406 5964 PNRPAutoReg - ok
20:25:13.0422 5964 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:25:13.0469 5964 PNRPsvc - ok
20:25:13.0531 5964 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:25:13.0672 5964 PolicyAgent - ok
20:25:13.0734 5964 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:25:13.0890 5964 Power - ok
20:25:13.0937 5964 [ 0B6590C8E9B12CD7EDC7BB7311EFBB30 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
20:25:13.0968 5964 Power Manager DBC Service - ok
20:25:14.0015 5964 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:25:14.0155 5964 PptpMiniport - ok
20:25:14.0202 5964 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:25:14.0249 5964 Processor - ok
20:25:14.0311 5964 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:25:14.0358 5964 ProfSvc - ok
20:25:14.0405 5964 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:25:14.0436 5964 ProtectedStorage - ok
20:25:14.0467 5964 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
20:25:14.0498 5964 psadd - ok
20:25:14.0545 5964 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:25:14.0654 5964 Psched - ok
20:25:14.0732 5964 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:25:14.0842 5964 ql2300 - ok
20:25:14.0873 5964 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:25:14.0904 5964 ql40xx - ok
20:25:14.0935 5964 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:25:14.0982 5964 QWAVE - ok
20:25:15.0029 5964 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:25:15.0076 5964 QWAVEdrv - ok
20:25:15.0122 5964 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:25:15.0232 5964 RasAcd - ok
20:25:15.0278 5964 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:15.0419 5964 RasAgileVpn - ok
20:25:15.0528 5964 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:25:15.0653 5964 RasAuto - ok
20:25:15.0980 5964 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:16.0199 5964 Rasl2tp - ok
20:25:16.0526 5964 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:25:16.0807 5964 RasMan - ok
20:25:16.0870 5964 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:17.0010 5964 RasPppoe - ok
20:25:17.0041 5964 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:25:17.0182 5964 RasSstp - ok
20:25:17.0228 5964 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:25:17.0353 5964 rdbss - ok
20:25:17.0384 5964 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:25:17.0490 5964 rdpbus - ok
20:25:17.0536 5964 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:17.0769 5964 RDPCDD - ok
20:25:17.0848 5964 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:25:18.0044 5964 RDPENCDD - ok
20:25:18.0109 5964 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:25:18.0256 5964 RDPREFMP - ok
20:25:18.0335 5964 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:25:18.0378 5964 RDPWD - ok
20:25:18.0487 5964 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:25:18.0537 5964 rdyboost - ok
20:25:18.0628 5964 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:25:18.0715 5964 RegSrvc - ok
20:25:18.0771 5964 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:25:18.0951 5964 RemoteAccess - ok
20:25:19.0030 5964 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:25:19.0340 5964 RemoteRegistry - ok
20:25:19.0439 5964 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:25:19.0579 5964 RFCOMM - ok
20:25:19.0624 5964 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:25:19.0815 5964 RpcEptMapper - ok
20:25:19.0924 5964 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:25:20.0029 5964 RpcLocator - ok
20:25:20.0086 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:25:20.0344 5964 RpcSs - ok
20:25:20.0408 5964 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:25:20.0658 5964 rspndr - ok
20:25:20.0753 5964 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:25:20.0797 5964 RSUSBSTOR - ok
20:25:20.0861 5964 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:25:20.0975 5964 RTL8167 - ok
20:25:21.0020 5964 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:25:21.0104 5964 SamSs - ok
20:25:21.0148 5964 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:25:21.0213 5964 sbp2port - ok
20:25:21.0291 5964 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:25:21.0420 5964 SCardSvr - ok
20:25:21.0465 5964 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:25:21.0588 5964 scfilter - ok
20:25:21.0669 5964 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:25:21.0792 5964 Schedule - ok
20:25:21.0837 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:25:21.0944 5964 SCPolicySvc - ok
20:25:22.0008 5964 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:25:22.0074 5964 sdbus - ok
20:25:22.0128 5964 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:25:22.0207 5964 SDRSVC - ok
20:25:22.0250 5964 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:25:22.0360 5964 secdrv - ok
20:25:22.0404 5964 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:25:22.0566 5964 seclogon - ok
20:25:22.0617 5964 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:25:22.0762 5964 SENS - ok
20:25:22.0784 5964 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:25:22.0838 5964 SensrSvc - ok
20:25:22.0869 5964 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:25:22.0934 5964 Serenum - ok
20:25:22.0986 5964 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:25:23.0053 5964 Serial - ok
20:25:23.0099 5964 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:25:23.0163 5964 sermouse - ok
20:25:23.0288 5964 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:25:23.0463 5964 SessionEnv - ok
20:25:23.0498 5964 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:25:23.0563 5964 sffdisk - ok
20:25:23.0606 5964 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:25:23.0708 5964 sffp_mmc - ok
20:25:23.0747 5964 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:25:23.0861 5964 sffp_sd - ok
20:25:23.0929 5964 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:25:24.0016 5964 sfloppy - ok
20:25:24.0086 5964 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:25:24.0233 5964 SharedAccess - ok
20:25:24.0372 5964 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:25:24.0575 5964 ShellHWDetection - ok
20:25:24.0715 5964 [ C45942985943FC4AB8A7EA7A92F29C00 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
20:25:24.0782 5964 Shockprf - ok
20:25:24.0858 5964 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:25:24.0908 5964 SiSRaid2 - ok
20:25:24.0935 5964 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:25:24.0979 5964 SiSRaid4 - ok
20:25:25.0043 5964 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:25:25.0086 5964 SkypeUpdate - ok
20:25:25.0136 5964 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:25:25.0300 5964 Smb - ok
20:25:25.0414 5964 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:25:25.0491 5964 SNMPTRAP - ok
20:25:25.0526 5964 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:25:25.0568 5964 spldr - ok
20:25:25.0617 5964 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:25:25.0738 5964 Spooler - ok
20:25:25.0933 5964 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:25:26.0308 5964 sppsvc - ok
20:25:26.0362 5964 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:25:26.0486 5964 sppuinotify - ok
20:25:26.0521 5964 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:25:26.0565 5964 SQLBrowser - ok
20:25:26.0629 5964 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:25:26.0672 5964 SQLWriter - ok
20:25:26.0721 5964 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:25:26.0799 5964 srv - ok
20:25:26.0862 5964 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:25:26.0963 5964 srv2 - ok
20:25:27.0027 5964 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:25:27.0136 5964 SrvHsfHDA - ok
20:25:27.0206 5964 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:25:27.0297 5964 SrvHsfV92 - ok
20:25:27.0337 5964 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:25:27.0402 5964 SrvHsfWinac - ok
20:25:27.0443 5964 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:25:27.0483 5964 srvnet - ok
20:25:27.0528 5964 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:25:27.0695 5964 SSDPSRV - ok
20:25:27.0727 5964 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:25:27.0849 5964 SstpSvc - ok
20:25:27.0899 5964 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:25:27.0941 5964 stexstor - ok
20:25:28.0015 5964 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:25:28.0107 5964 stisvc - ok
20:25:28.0172 5964 [ F3C73E650F1CD3289F38E62CCC325A66 ] SUService c:\Program Files (x86)\Lenovo\System Update\SUService.exe
20:25:28.0203 5964 SUService ( UnsignedFile.Multi.Generic ) - warning
20:25:28.0203 5964 SUService - detected UnsignedFile.Multi.Generic (1)
20:25:28.0247 5964 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:25:28.0280 5964 swenum - ok
20:25:28.0330 5964 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:25:28.0500 5964 swprv - ok
20:25:28.0544 5964 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:25:28.0588 5964 SynTP - ok
20:25:28.0687 5964 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:25:28.0814 5964 SysMain - ok
20:25:28.0863 5964 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:25:28.0948 5964 TabletInputService - ok
20:25:28.0992 5964 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:25:29.0157 5964 TapiSrv - ok
20:25:29.0199 5964 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:25:29.0318 5964 TBS - ok
20:25:29.0419 5964 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:25:29.0577 5964 Tcpip - ok
20:25:30.0415 5964 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:25:30.0533 5964 TCPIP6 - ok
20:25:30.0610 5964 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:25:30.0674 5964 tcpipreg - ok
20:25:30.0739 5964 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:25:30.0791 5964 TDPIPE - ok
20:25:30.0843 5964 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:25:30.0913 5964 TDTCP - ok
20:25:30.0985 5964 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:25:31.0128 5964 tdx - ok
20:25:31.0450 5964 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:25:31.0500 5964 TermDD - ok
20:25:31.0637 5964 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:25:31.0814 5964 TermService - ok
20:25:32.0066 5964 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:25:32.0181 5964 Themes - ok
20:25:32.0248 5964 [ 39AC444E07FDBD8C2E8E291A65D515D3 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
20:25:32.0505 5964 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - warning
20:25:32.0505 5964 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic (1)
20:25:32.0700 5964 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:25:32.0824 5964 THREADORDER - ok
20:25:32.0869 5964 [ 6DB3FAE611554DC373E266ED50111B1C ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
20:25:32.0900 5964 TPDIGIMN - ok
20:25:32.0941 5964 [ 47D2009FDC682833EE03B6DCBA23FDD2 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
20:25:32.0980 5964 TPHDEXLGSVC - ok
20:25:33.0036 5964 [ 2CF225E19490F499528B926263FE4554 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
20:25:33.0065 5964 TPHKSVC - ok
20:25:33.0095 5964 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
20:25:33.0163 5964 TPM - ok
20:25:33.0224 5964 [ 2C067E01D6BBCCC88B233B868E210907 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
20:25:33.0262 5964 TPPWRIF - ok
20:25:33.0301 5964 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:25:33.0429 5964 TrkWks - ok
20:25:33.0498 5964 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:25:33.0621 5964 TrustedInstaller - ok
20:25:33.0669 5964 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:33.0819 5964 tssecsrv - ok
20:25:33.0880 5964 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:25:33.0918 5964 TsUsbFlt - ok
20:25:33.0998 5964 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:25:34.0101 5964 tunnel - ok
20:25:34.0138 5964 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:25:34.0163 5964 TurboB - ok
20:25:34.0220 5964 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:25:34.0248 5964 TurboBoost - ok
20:25:34.0338 5964 [ B56DA1AA776C15043D10F82B32AA000D ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
20:25:34.0387 5964 TVT Backup Service ( UnsignedFile.Multi.Generic ) - warning
20:25:34.0387 5964 TVT Backup Service - detected UnsignedFile.Multi.Generic (1)
20:25:34.0418 5964 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:25:34.0448 5964 uagp35 - ok
20:25:34.0503 5964 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:25:34.0629 5964 udfs - ok
20:25:34.0742 5964 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:25:34.0796 5964 UI0Detect - ok
20:25:34.0830 5964 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:25:34.0880 5964 uliagpkx - ok
20:25:34.0948 5964 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:25:35.0008 5964 umbus - ok
20:25:35.0051 5964 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:25:35.0091 5964 UmPass - ok
20:25:35.0190 5964 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:25:35.0323 5964 UNS - ok
20:25:35.0432 5964 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:25:35.0624 5964 upnphost - ok
20:25:35.0670 5964 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:35.0740 5964 usbccgp - ok
20:25:35.0821 5964 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:25:35.0884 5964 usbcir - ok
20:25:35.0939 5964 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:25:35.0991 5964 usbehci - ok
20:25:36.0046 5964 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:25:36.0110 5964 usbhub - ok
20:25:36.0148 5964 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:25:36.0190 5964 usbohci - ok
20:25:36.0217 5964 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:25:36.0285 5964 usbprint - ok
20:25:36.0335 5964 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:25:36.0389 5964 usbscan - ok
20:25:36.0443 5964 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:36.0514 5964 USBSTOR - ok
20:25:36.0569 5964 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:25:36.0608 5964 usbuhci - ok
20:25:36.0666 5964 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:25:36.0755 5964 usbvideo - ok
20:25:36.0802 5964 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:25:36.0934 5964 UxSms - ok
20:25:37.0024 5964 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:25:37.0063 5964 VaultSvc - ok
20:25:37.0107 5964 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:25:37.0142 5964 vdrvroot - ok
20:25:37.0197 5964 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:25:37.0369 5964 vds - ok
20:25:37.0413 5964 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:37.0469 5964 vga - ok
20:25:37.0494 5964 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:25:37.0648 5964 VgaSave - ok
20:25:37.0699 5964 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:25:37.0733 5964 vhdmp - ok
20:25:37.0764 5964 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:25:37.0800 5964 viaide - ok
20:25:37.0883 5964 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:25:37.0931 5964 volmgr - ok
20:25:38.0027 5964 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:25:38.0100 5964 volmgrx - ok
20:25:38.0134 5964 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:25:38.0189 5964 volsnap - ok
20:25:38.0270 5964 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:25:38.0318 5964 vsmraid - ok
20:25:38.0443 5964 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:25:38.0707 5964 VSS - ok
20:25:38.0740 5964 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:38.0832 5964 vwifibus - ok
20:25:38.0898 5964 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:39.0020 5964 vwififlt - ok
20:25:39.0102 5964 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:25:39.0320 5964 vwifimp - ok
20:25:39.0406 5964 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:25:39.0617 5964 W32Time - ok
20:25:39.0660 5964 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:25:39.0707 5964 WacomPen - ok
20:25:39.0800 5964 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:25:39.0936 5964 WANARP - ok
20:25:39.0955 5964 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:25:40.0076 5964 Wanarpv6 - ok
20:25:40.0165 5964 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:25:40.0289 5964 WatAdminSvc - ok
20:25:40.0407 5964 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:25:40.0544 5964 wbengine - ok
20:25:40.0610 5964 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:25:40.0710 5964 WbioSrvc - ok
20:25:40.0770 5964 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:25:40.0879 5964 wcncsvc - ok
20:25:40.0918 5964 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:40.0971 5964 WcsPlugInService - ok
20:25:41.0003 5964 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:25:41.0043 5964 Wd - ok
20:25:41.0133 5964 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:25:41.0208 5964 Wdf01000 - ok
20:25:41.0245 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:25:41.0343 5964 WdiServiceHost - ok
20:25:41.0368 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:25:41.0433 5964 WdiSystemHost - ok
20:25:41.0496 5964 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:25:41.0589 5964 WebClient - ok
20:25:41.0632 5964 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:25:41.0855 5964 Wecsvc - ok
20:25:41.0912 5964 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:25:42.0104 5964 wercplsupport - ok
20:25:42.0257 5964 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:25:42.0412 5964 WerSvc - ok
20:25:42.0458 5964 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:42.0590 5964 WfpLwf - ok
20:25:42.0628 5964 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:25:42.0661 5964 WIMMount - ok
20:25:42.0692 5964 WinDefend - ok
20:25:42.0702 5964 WinHttpAutoProxySvc - ok
20:25:42.0764 5964 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:25:42.0871 5964 Winmgmt - ok
20:25:42.0977 5964 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:25:43.0227 5964 WinRM - ok
20:25:43.0319 5964 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:25:43.0364 5964 WinUsb - ok
20:25:43.0411 5964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:25:43.0506 5964 Wlansvc - ok
20:25:43.0626 5964 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:25:43.0677 5964 WmiAcpi - ok
20:25:43.0728 5964 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:25:43.0799 5964 wmiApSrv - ok
20:25:43.0843 5964 WMPNetworkSvc - ok
20:25:43.0893 5964 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:25:43.0931 5964 WPCSvc - ok
20:25:44.0001 5964 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:25:44.0094 5964 WPDBusEnum - ok
20:25:44.0154 5964 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:25:44.0368 5964 ws2ifsl - ok
20:25:44.0450 5964 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:25:44.0538 5964 wscsvc - ok
20:25:44.0547 5964 WSearch - ok
20:25:44.0681 5964 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:25:44.0910 5964 wuauserv - ok
20:25:44.0952 5964 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:25:44.0985 5964 WudfPf - ok
20:25:45.0007 5964 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:45.0066 5964 WUDFRd - ok
20:25:45.0095 5964 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:25:45.0147 5964 wudfsvc - ok
20:25:45.0220 5964 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:25:45.0342 5964 WwanSvc - ok
20:25:45.0485 5964 ================ Scan global ===============================
20:25:45.0555 5964 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:25:45.0624 5964 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:25:45.0658 5964 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:25:45.0721 5964 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:25:45.0788 5964 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:25:45.0805 5964 [Global] - ok
20:25:45.0817 5964 ================ Scan MBR ==================================
20:25:45.0846 5964 [ 2359660F8D5E1B418E3B1C780E1E0EA3 ] \Device\Harddisk0\DR0
20:25:46.0323 5964 \Device\Harddisk0\DR0 - ok
20:25:46.0324 5964 ================ Scan VBR ==================================
20:25:46.0331 5964 [ D2861C4F45152A3F727966D2D1352AA0 ] \Device\Harddisk0\DR0\Partition1
20:25:46.0334 5964 \Device\Harddisk0\DR0\Partition1 - ok
20:25:46.0373 5964 [ E3A238BFFBBDB1166ED9173CCDC18BA8 ] \Device\Harddisk0\DR0\Partition2
20:25:46.0377 5964 \Device\Harddisk0\DR0\Partition2 - ok
20:25:46.0415 5964 [ EA0CB6B32F3085BAE7E30AE03B4A3C93 ] \Device\Harddisk0\DR0\Partition3
20:25:46.0419 5964 \Device\Harddisk0\DR0\Partition3 - ok
20:25:46.0420 5964 ============================================================
20:25:46.0420 5964 Scan finished
20:25:46.0420 5964 ============================================================
20:25:46.0452 6056 Detected object count: 4
20:25:46.0452 6056 Actual detected object count: 4
20:26:43.0674 6056 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
20:26:43.0674 6056 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
20:26:43.0674 6056 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
20:26:43.0674 6056 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:26:43.0674 6056 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:26:43.0674 6056 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:26:43.0689 6056 TVT Backup Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:26:43.0689 6056 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:26:53.0393 3636 Deinitialize success

markusg 22.02.2013 15:10
Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Rike1984 26.02.2013 19:28
Hallo, sorry, war ein paar tage unterwegs, aber bin heute zum scan gekommen. hier ist der logfile:

Combofix Logfile:
Code:
ComboFix 13-02-26.01 - Rike 26.02.2013  18:23:47.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3893.2436 [GMT 1:00]
ausgeführt von:: c:\users\Rike\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
Q:\Autorun.inf
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-01-26 bis 2013-02-26  ))))))))))))))))))))))))))))))
.
.
2013-02-26 16:10 . 2013-02-08 00:28        9162192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B22E52A-AF83-475D-B224-BBC7DCA82AB3}\mpengine.dll
2013-02-20 21:02 . 2013-02-20 21:02        --------        d-----w-        C:\_OTL
2013-02-19 16:48 . 2013-02-19 16:48        --------        d-----w-        C:\escan
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\VDLL.DLL
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\SysWow64\runouce.exe
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\rundll16.exe
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\RUNDL132.EXE
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\logo1_.exe
2013-02-19 13:54 . 2013-02-19 13:54        --------        d---a-w-        c:\windows\logo_1.exe
2013-02-19 13:42 . 2013-02-19 13:42        632064        ----a-w-        c:\windows\SysWow64\msvcr80.dll
2013-02-19 13:42 . 2013-02-19 13:42        554240        ----a-w-        c:\windows\SysWow64\msvcp80.dll
2013-02-19 13:42 . 2013-02-19 13:42        34048        ----a-w-        c:\windows\SysWow64\eEmpty.exe
2013-02-19 13:42 . 2013-02-19 13:42        --------        d-----w-        c:\program files (x86)\Common Files\MicroWorld
2013-02-19 13:42 . 2013-02-19 13:42        --------        d-----w-        c:\programdata\MicroWorld
2013-02-19 11:03 . 2013-02-19 11:07        --------        d-----w-        c:\users\Rike\AppData\Local\Google
2013-02-19 11:03 . 2013-02-19 11:04        --------        d-----w-        c:\program files (x86)\Google
2013-02-19 11:03 . 2012-10-30 22:50        285328        ----a-w-        c:\windows\system32\aswBoot.exe
2013-02-19 11:01 . 2013-02-26 17:32        --------        d-----w-        c:\programdata\AVAST Software
2013-02-19 11:01 . 2013-02-19 11:01        --------        d-----w-        c:\program files\AVAST Software
2013-02-13 17:08 . 2012-12-20 13:59        1492992        ----a-w-        c:\windows\system32\urlmon.dll
2013-02-12 21:52 . 2013-02-12 21:52        --------        d-----w-        c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-19 10:42 . 2012-04-20 08:54        691568        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-19 10:42 . 2011-06-11 22:05        71024        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-13 23:06 . 2010-07-11 21:33        70004024        ----a-w-        c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2010-07-08 12:30        273840        ------w-        c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 17:08        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-22 02:00        46080        ----a-w-        c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:00        367616        ----a-w-        c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00        295424        ----a-w-        c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 22:49        441856        ----a-w-        c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 22:49        2746368        ----a-w-        c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 22:49        308736        ----a-w-        c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 22:49        2576384        ----a-w-        c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 22:49        30720        ----a-w-        c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 22:49        43520        ----a-w-        c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 22:49        23552        ----a-w-        c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 22:49        45568        ----a-w-        c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 22:49        44544        ----a-w-        c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 22:49        46592        ----a-w-        c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 22:49        40960        ----a-w-        c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 22:49        21504        ----a-w-        c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 22:49        15360        ----a-w-        c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 22:49        55296        ----a-w-        c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 22:49        51712        ----a-w-        c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 22:49        43520        ----a-w-        c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 22:49        30720        ----a-w-        c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 22:49        45568        ----a-w-        c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 22:49        44544        ----a-w-        c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 22:49        23552        ----a-w-        c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 22:49        46592        ----a-w-        c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 22:49        20480        ----a-w-        c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 22:49        21504        ----a-w-        c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 22:49        40960        ----a-w-        c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 22:49        15360        ----a-w-        c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 22:49        55296        ----a-w-        c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 22:49        51712        ----a-w-        c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 22:48        362496        ----a-w-        c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 22:48        243200        ----a-w-        c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 22:48        13312        ----a-w-        c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 22:48        16384        ----a-w-        c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 22:48        424448        ----a-w-        c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 22:48        1161216        ----a-w-        c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        6144        ---ha-w-        c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4608        ---ha-w-        c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        5120        ---ha-w-        c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 22:48        274944        ----a-w-        c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 22:48        4608        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        5120        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 22:48        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Rike\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Spotify"="c:\users\Rike\AppData\Roaming\Spotify\Spotify.exe" [2012-12-01 7880664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Message Center Plus"="c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
c:\users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2010-2-17 1083680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-30 53800]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-05 75112]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-08 239136]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-03 1255736]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2009-10-09 23592]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2008-05-12 15400]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-29 12728]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 161024]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-01-06 158848]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-07 271872]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-23 11:18        1629648        ----a-w-        c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 10:42]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 11:03]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 11:03]
.
2013-02-26 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
2013-02-26 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        162552        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        162552        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        162552        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        162552        ----a-w-        c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568]
"TpShocks"="TpShocks.exe" [2009-12-11 380776]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-13 36864]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 5879608]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-29 417304]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.hiergehtslos.de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Rike\AppData\Roaming\Mozilla\Firefox\Profiles\scz0zwuv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.net/
FF - ExtSQL: 2013-02-19 12:06; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-26  18:38:35 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-02-26 17:38
.
Vor Suchlauf: 18 Verzeichnis(se), 187.816.308.736 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 187.122.016.256 Bytes frei
.
- - End Of File - - 2E114B03FB9A7C1F055B2C9C196D63AA
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131